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Introduction 



Guide overview 

HP iLO 2 provides multiple ways to configure, update, and operate HP ProLiant servers remotely. The HP 
Integrated Lights-Out User Guide and the HP Integrated Lights-Out 2 User Guide describe each feature 
and explain how to use these features with the browser-based interface and RBSU. 

The HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide 
describes the syntax and tools available to use iLO 2 through a command line or scripted interface. 

Sample XML scripts downloaded from the HP website contain commands for all iLO, iLO 2, and RILOE II 
firmware. Unless otherwise specified, examples in this guide are specifically for iLO 2 firmware version 
1.10 and later. Before using the XML sample scripts downloaded from the HP website 
( http://hl 8004.wwwl .hp.com/support/files/lights-out/ us/index.html ), read the firmware support 
information in each sample script to tailor the script for the intended firmware and version. 

New in this version 

This guide reflects changes in the iLO 2 firmware. This guide covers iLO versions 1 .82, 1 .91, and iLO 2 
versions 1 . 1 x, 1 .2x, 1 .30, 1 .70, 1 .75, and 1 .77. This version of the guide includes updates for the 
following: 

• Sections: 

o "HPONCFG online configuration utility (on page 61)" 

o "Directory commands (on page 23)" 

o "Blade commands (on page 30)" 

o "Boot commands (on page 31 )" 

o "System properties and targets (on page 32)" 

o "Group administration and iLO 2 scripting (on page 46)" 

• Updated the following RIBCL commands: 
o UPDATE_RIB_FIRMWARE 

o GET_HOST_PWR_MICRO_VER 
o GET_PWREG_CAPABILITIES 

For information about these updates, see "Using RIBCL (on page 70)." 
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HP ProLiant Essentials Rapid Deployment Pack 
Integration 

HP ProLiant Essentials Rapid Deployment Pack integrates with iLO 2 to allow the management of remote 
servers and the performance of remote console operations regardless of the state of the operating system 
or hardware. 

The Deployment Server provides the ability to use the power management features of iLO 2 to power on, 
power off, or cycle power on the target server. Each time a server connects to the Deployment Server, the 
Deployment Server polls the target server to see if a LOM management device is installed. If installed, the 
server gathers information including the DNS name, IP address, and first user name. Security is 
maintained by requiring the user to enter the correct password for that user name. 

For more information about the ProLiant Essentials Rapid Deployment Pack, refer to the documentation that 
ships on the ProLiant Essentials Rapid Deployment Pack CD or the HP website 

( http://www.hp.com/servers/ rdp) . 

Server management through IPMI version 2.0 
compliant applications 

Server management through the IPMI is a standardized method for controlling and monitoring the server. 
iLO 2 provides server management based on the IPMI version 2.0 specification. 

The IPMI specification defines a standardized interface for platform management. The IPMI specification 
defines the following types of platform management: 

• Monitoring of system information, such as fans, temperatures, and power supplies 

• Recovery capabilities, such as system resets and power on/off operations 

• Logging capabilities, for abnormal events such as over temperature readings or fan failures 

• Inventory capabilities, such as identifying failed hardware components 

IPMI communications are dependent on the BMC and the SMS. The BMC manages the interface between 
the SMS and the platform management hardware. iLO 2 emulates the BMC functionality and the SMS 
functionality can be provided by various industry-standard tools. For additional information, see the IPMI 
specification on the Intel® website ( http:/ / www.intel.com/ design/ servers/ipmi/tools.htm ). 

iLO 2 provides the KCS interface, or open interface, for SMS communications. The KCS interface provides 
a set of I/O mapped communications registers. The default system base address for the I/O mapped 
SMS Interface is 0xCA2 and is byte aligned at this system address. 

The KCS interface is accessible to SMS software that is running on the local system. Examples of 
compatible SMS software applications are as follows: 

• IPMI version 2.0 Command Test Tool is a low-level MS-DOS command line tool that enables hex- 
formatted IPMI commands to be sent to an IPMI BMC that implements the KCS interface. You can 
locate this tool on the Intel® website ( http://www.intel.com/design/servers/ipmi/tools.htm ). 

• IPMItool is o utility for mongging gnd configuring devices thot support the IPMI version 1 .5 ond 
version 2.0 specifications and can be used in a Linux environment. You can locate this tool on the 
IPMItool website ( http://ipmitool.sourceforge.net/index.html ). 
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IPMI functionality provided by iLO 2 

When emulating a BMC for the IPMI interface, iLO 2 supports all mandatory commands listed in the IPMI 
version 2.0 specification. See the IPMI version 2.0 specification for a listing of these commands. Also, the 
SMS should use the methods described in the specification for determining which IPMI features are 
enabled or disabled in the BMC (for example, using the Get Device ID command). 

If the server operating system is running and the health driver is enabled, any IPMI traffic through the KCS 
interface can affect the performance of the health driver and overall health performance of the system. Do 
not issue any IPMI commands through the KCS interface that could have a detrimental affect on the 
monitoring performed by the health driver. These commands include any commands that sets or changes 
IPMI parameters, such as Set Watchdog Timer and Set BMC Global Enabled. Any IPMI 
command that simply returns data is safe to use, such as Get Device ID and Get Sensor Reading. 

-Management compatibility overview 

The iLO 2 firmware implementation of WS-Management is in accordance with the specification, DTMF 
Web Services for Management 1 .0.0a. 

Authentication 

• iLO 2 uses basic authentication over SSL, compliant with profile: 

wsman : secprof ile/https /basic 

• Authenticated users are authorized to execute WS-Management commands in accordance with 
designated privileges in their local or directory accounts. 

• To enable basic authentication on Microsoft® Windows Vista™, at the command prompt, enter 
gpedit .msc to launch the Group Policy Object Editor. Select Computer Configuration> 
Administrative Templates> Windows Components> Windows Remote Management (WinRM)> 
WinRM Client. Set Allow Basic authentication to Enabled. 

Compatibility 

• WS-Management in iLO 2 are compatible with the Windows Vista™ WinRM utility, Microsoft® 
Operations Manager 3, and the Management Pack provided by HP. 

• The full set of WS-Management commands is available on iLO 2 servers that support embedded 
system health. A greatly reduced subset of these commands is available on servers without 
embedded systems health support. 

Commands are available for remote invocation of the following devices: 

• Server power 

• UID 
Status 

The WS-Management in iLO 2 returns status information for fans, temperatures, power supplies, and 
VRMs. 
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Command line 



Command line interface overview 

HP has worked with key industry partners within Distributed Management Task Force, Inc. to define an 
industry-standard set of commands. DMTF is working on a suite of specifications, Systems Management 
Architecture for Server, to standardize manageability interfaces for servers. The iLO 2 uses the command 
set defined in the Server Management Command Line Protocol Specification, 7 .00 Draft. The CLP is 
intended to replace the simple CLI. 

Command line access 

The iLO 2 features enable you to execute the supported commands from a command line. There are two 
interfaces through which the command line option can be accessed: 

• Serial port using one connection 

• Network using: 

o SSH enabling three simultaneous connections. IP address or DNS name, login name, and 
password are required to start a session using SSH. 

o Telnet protocol using three simultaneous connections. 

Any four network connections can be active simultaneously. After serial CLI is enabled on the Global 
Settings screen, the iLO 2 CLI is invoked by entering ESC (. The SSH and Telnet sessions start the after 
authentication. 

Using the command line 

After initiating a command line session, the iLO 2 CLI prompt appears. Each time a command is executed 
(or you exit the Remote Console or VSP) you will be returned to the CLI prompt as shown in the following 
example. 

hpiLO-> 

Each time a CLI command is executed, the returned output follows this general format: 

hpiLO-> {CLI command} 
status=0 

status_tag=COMMAND COMPLETED 
... output returned... 

hpiLO-> 

If an invalid command is entered, then the status and status_tag values reflects the error as shown: 

hpiLO-> boguscommand 
status=2 

status_tag=COMMAND PROCESSING FAILED 
error_tag=COMMAND NOT RECOGNIZED 

If an invalid parameter is given to a valid command, the response is slightly different: 
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hpiLO-> show /bad 
status=2 

status_tag=COMMAND PROCESSING FAILED 
error_tag=COMMAND ERROR-UNSPECIFIED 
Invalid property. 

hpiLO-> 

The following commands are supported in this release of CLP. The same command set is supported 
through the serial port, SSH, and telnet connections. 

The privilege level of the logged in user is checked against the privilege required for the command. The 
command is only executed if the privilege levels match. If the serial command line session status is set to 
Enabled-No Authentication, then all the commands are executed without checking the privilege 
level. 

The general syntax of CLP command is: 

<verb> <target> <option> <property> 

• Verbs— The supported verbs are: 
o cd 

o create 

o delete 

o help 

o load 

o reset 

o set 

o show 

o start 

o stop 

o exit 

o version 

• Target— The default target is the /. The target can be changed by the cd command or by specifying 
a target on the command line. 

• Options— The valid options are: 
o -help/-h 

o -all/-a 

• Properties are the attributes of the target that can be modified. 

• Output— The output syntax is: 
o status 

o status_tag 
o status_msg 

The valid Boolean values for any command are yes, no, true, false, y, n, t, and f . 
General notes 

If the commands on the CLP command span more than one line, you cannot navigate between different 
lines. 
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Operating system-specific notes: 

• Windows® 2000 telnet client does not support the Functions keys Fl,.., Fl 2, Insert, Home, and End 
keys. These keys do not work in an iLO 2 command line session. 

• The Backspace key in iLO 2 CLP implementation is mapped to the value 0x8. Some client operating 
systems such as, Novell Linux Desktop and Red Hat Enterprise Linux 4 Desktop map the Backspace 
key to the value 0x7f, which is used for the Delete key in Windows® telnet client. The Backspace 
key does not work from a client where it has value of 0x7f. For the Linux clients, using the Home or 
the End key enables the iLO 2 CLP service to remap the Backspace key to use the value 0x7f, 
making the key functional. 

In the Windows® PuTTy client, the Backspace key can be mapped to a value of 0x8 by changing the 
setting for Terminal Keyboard to Control-H. 



The escape key commands are short-cuts to popular tasks. 

• ESC ( invokes the serial CLI connection. This is not necessary for SSH or telnet sessions because 
they automatically start a CLI session after a successful login. 

• ESC Q stops the CLI session and terminates the SSH and telnet connection. 

• ESC R ESC r ESC R resets the system. 

• ESC A powers on the system. 

• ESC ESC erases the current line. 

There is a one second timeout for entering any of the escape sequence characters. 



• The help command displays context-sensitive help. 

Entering help displays all supported commands. Entering <command help/?> displays the help 
message specific to that command. 

• The exit command terminates the CLP session. 

• The cd command sets the current default target. The context works like a directory path. The root 
context for the server is "/" and this is the starting point for a CLP system. By changing the context, 
you can shorten commands. 

For example, to find the current iLO 2 firmware version, you could enter the command show 

/mapl/ firmware version. However, if you enter the cd /mapl/ firmware command, then a 
simple show version command displays the information. 

• The show command displays values of a property or contents of a collection target. For example: 

hpiLO-> show 
status=0 

status_tag=COMMAND COMPLETED 




commands 



Base commands 



/ 

Targets 
systeml 
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mapl 
Properties 
Verbs 

cd version exit show 

The first line of information returned by the show command is the current context. In the example, / 
is the current context. Following the context is a list of subtargets (Targets) and properties (Properties) 
applicable to the current context. The verbs (Verbs) section shows which commands are applicable 
to this context. 

You can also specify the show command with an explicit or implicit context as well as a specific 
property. For example, an explicit context is /mapl/f irmware and is not dependant on the current 
context, while an implicit context assumes that the context specified is a child of the current context. 
If the current context is /mapl then a show firmware command displays the /mapl/f irmware 
data. 

If you do not specify a property, then all properties are shown. In the case of the /mapl/f irmware 
context, there are two properties available: version and date. If you execute show 

/mapl/f irmware date, only the date is shown. 

• The create command creates a new instance of the MAP in the name space. 

• The delete command removes instances of the MAP in the name space. 

• The load command moves a binary image from a URL to the MAP. 

• The reset command causes a target to cycle from enabled to disabled, and back to enabled. 

• The set command sets a property or set of properties to a specific value, and resets iLO 2 to 
implement the changes. 

• The start command causes a target to change its state to a higher run level. 

• The stop command causes a target to change its state to a lower run level. 

• The version command queries the version of the CLP implementation or other CLP elements. For 
example: 

hpiLO-> version 
status=0 

status_tag=COMMAND COMPLETED 
SM-CLP Version 1 . 0 

• The oemhp ping command determines if an IP address is reachable from the current iLO 2. For 
example : 

oemhp ping 192.168.1.1 
where 192 . 168 . 1 . 1 is the IP address you are testing. 

Specific commands 

The following sections cover iLO 2 specific commands available when using the command line, including: 

• User commands (on page 14) 

• HP SIM SSO settings (on page 1 5) 

• Network commands (on page 1 6) 

• iLO 2 settings (on page 1 9) 

• iLO 2 embedded health settings (on page 20) 
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• SNMP settings (on page 22) 

• License commands (on page 23) 

• Directory commands (on page 23) 

• Virtual media commands (on page 25) 

• Start and reset commands (on page 27) 

• Firmware update (on page 29) 

• Eventlog commands (on page 29) 

• Blade commands (on page 30) 

• Boot commands (on page 3 1 ) 

• LED commands (on page 32) 

• System targets and properties ("System properties and targets" on page 32) 

• Other commands (on page 35) 

User commands 

User commands enable you to view and modify user settings. User settings are located at 
/mapl /accountsl . 

Targets 

All local users are valid targets. For example, if there are three local users with the login names 
Administrator, admin, and test, then valid targets would be: 

• Administrator 

• admin 

• test 
Properties 



Property 


Access 


Description 


username 


read/write 


Corresponds to the iLO 2 login 
name. 


password 


read/write 


Corresponds to the password for the 
current user. 


name 


read/write 


Displays the name of the user. If a 
name is not specified, the parameter 
uses the same value as the login 
name (username). This value 
corresponds to the iLO 2 user name 
property. 
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Property 


Access 


Description 


group 


read/write 


Specifies the privilege level. The 






valid values are as follows: 






• admin 






• config 






• oemhp_power 






• oemhp_rc 






• oemhp_vm 






If a group is not specified, no 






privileges are assigned to the user. 



Examples 

The current path is /mapl/accountsl. 

• create username=lnamel password=password 
In the example, username corresponds to the login name. 

• set lnamel username=lname2 password=passwordl name=name2 
group=admin, configure, oemhp power, oemhp vm, oemhp rc 

In the example, lnamel is the login name of the user. 

HP SIM SSO settings 

HP SIM SSO settings commands are accessed using /mapl/oemhp ssocfgl . You must have the 
Configure iLO 2 Settings privilege to change these properties. SSO is only supported for browser access 
from trusted HP SIM servers. SSO is a licensed feature. See the HP Integrated Lights-Out User Guide, for 
more information. 

Targets 

None 
Properties 



Property 


Access 


Description 


oemhp ssotrust 


Read/write 


The Single Sign-On 
required trust level. Valid 
values are disabled, all, 
name, and certificate. 


oemhp ssouser 


Read/write 


The privileges 
associated with the user 
role. Valid values are 
login, oemhp_rc, 
oemhp_power, 
oemhp_vm, config, 
admin 
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Property 


Access 


Description 


oemhp ssooperator 


Read/write 


The privileges 
associated with the 
operator role. Valid 
values are login, 
oemhp_rc, 
oemhp_power, 
oemhp_vm, config, 
admin. 


oemhp ssoadministrator 


Read/write 


The privileges 
associated with the 
administrator role. Valid 
values are login, 
oemhp_rc, 
oemhp_power, 
oemhp_vm, config, 
admin. 


oemhp ssoserver 


Read 


Contains 0 or more HP 
SIM Trusted Server 
records. Each record 
can contain a server 
name or a server 
certificate. 



Examples 

• To set the SSO trust level to trust by certificate: 

set oemhp_ssocf g/ oemhp_ssotrust = certificate 

• To assign user roles the login privilege: 

set oemhp ssocfg/ oemhp ssouser = login 

• To assign the operator role login, remote console, virtual power control, and virtual media 
privileges: 

set oemhp_ssocf g/ oemhp_ssooperator = 
login, oemhp rc, oemhp power, oemhp vm 

• To Add an HP SIM Trusted Server name record: 

cd mapl/oemhp ssocfg 

</mapl/oemhp ssocf g>hpiLO-> create = hpsiml.corp.net 

• To dynamically import a certificate from the specified server (hpsim2.corp.net): 

</mapl/oemhp_ssocfg>hpiLO-> load = hpsim2.corp.net 

• To delete oemhp_ssoserver with index 5. 

</mapl/oemhp ssocf g>hpiLO-> delete = 5 

• To display the complete iLO 2 SSO configuration: 

cd mapl /oemhp_ssocf g 
</mapl/oemhp ssocf g>hpiLO->show 

Network commands 

The network subsystems are located at: 

• /mapl /enetportl 

• /mapl /dhcpendptl 
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• /mapl /dnsendptl 

• /mapl /gatewayl 

• /mapl /dns server 1 

• /mapl /dnsserver2 

• /mapl /dnsserver3 

• /mapl /dhcpserverl 

• /mapl/settingsl 

• /mapl/vlanl 
Properties, Targets, and Verbs: 

• dhcpendptl 
Properties 

o EnabledState 

o OtherTypeDescription 

• dnsendptl 
Properties 

o EnabledState 

o HostName 

o DomainName 

o OtherTypeDescription 

• gatewayl 
Properties 

o Accesslnfo 
o AccessContext 

• dnsserverl 
o Properties 

— Accesslnfo 

— AccessContext 
o Verbs 

— cd 

— version 

— exit 

— show 

— set 

• dnsserver2 
Properties 

o Accesslnfo 
o AccessContext 
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• dnsserver3 
Properties 

o Accesslnfo 
o AccessContext 

• dhcpserverl 
Properties 

o Accesslnfo 
o AccessContext 

• settingsl 
o Targets 

DNSSettingsl 
Properties 

— DNSServerAddress 

— RegisterThisConnection 

— DomainName 

— DHCPOptionToUse 

WINSSettingDatal 
Properties 

— WINSServerAddress 

— RegisterThisConnection 

— DHCPOptionToUse 
o Verbs 

— cd 

— version 

— exit 

— show 

• StaticIPSettingsl 
Properties 

o oemhpSRoutel Address 
o oemhpGatewayl Address 
o oemhp_SRoute2Address 
o oemhp_Gateway2Address 
o oemhp_SRoute3Address 
o oemhp_Gateway3Address 
o DHCPOptionToUse 
Examples 

set /mapl/enetportl speed=100 

set / mapl/enetportl/lanendptl ipv4address=l 92. 1 68.0.1 3 subnetmask=255.255.252 
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You can specify one or more properties on the command line. If multiple properties are given on the same 
command line, they must to be separated by a space. 

iLO 2 is reset after network settings have been applied. 

iLO 2 settings 

The iLO 2 settings commands enable you to view or modify iLO 2 settings. iLO 2 settings are located at 
/mapl/configl . 

Targets 

No targets 



Properties 



Property 


Access 


Description 


oemhp enable 


Read/Write 


Enables or disables the iLO 2. 
Boolean values are accepted. 


oemhp timeout 


Read/Write 


Sets session timeout in minutes. 
Valid values are 15, 30, 60, 
and 120. 


oemhp passthrough 


Read/Write 


Enables or disables Terminal 
Services Passthrough. Boolean 
values are accepted. 


oemhp rbsuenable 


Read/Write 


Enables or disables RBSU 
prompt during POST. Boolean 
values are accepted. 


oemhp rbsulogin 


Read/Write 


Enables or disables login 
requirement for accessing RBSU. 
Boolean values are accepted. 


oemhp rbsushowip 


Read/Write 


Enables or disables iLO 2 IP 
address display during POST. 
Boolean values are accepted. 


oemhp rcconfig 


Read/Write 


Sets the Remote Console 
configuration. Valid values are 
enabled, disabled, or automatic. 


oemhp telnetenable 


Read/Write 


Enables or disables telnet. 


oemhp httpport 


Read/Write 


Sets the HTTP port value. 


oemhp sslport 


Read/Write 


Sets the SSL port value. 


oemhp report 


Read/Write 


Sets remote console port value. 


oemhp vmport 


Read/Write 


Sets virtual media port value. 


oemhp tsport 


Read/Write 


Sets Terminal Services port 
value. 


oemhp sshport 


Read/Write 


Sets the SSH port value. 


oemhp sshstatus 


Read/Write 


Enables or disables SSH. 
Boolean values are accepted. 


oemhp serialclistatus 


Read/Write 


Enables or disables CLP session 
through serial port. Boolean 
values are accepted. 
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Property 


Access 


Description 


oemhp ser ialcliauth 


Read/Write 


Enables or disables 
authorization requirement for 
CLP session through serial port. 
Boolean values are accepted. 


oemhp serialclispeed 


Read/Write 


Sets the serial port speed for the 
CLP session. The valid values are 
OAnn i oonn TRAnn ^Ann 

VOUU, 1 VZUU, O04UU, o/ouu, 
and 1 15200. 


oemhp minpwdlen 


KeQQ/ vv riTe 


Sets the rninirnurn password 
length requirement. 


oemhp_authfailurelogging 


Read/Write 


Sets the logging criteria for 
failed authentications. 


oemhp hotkey t 


Read/Write 


Sets the value for hotkey Ctrl+T. 


oemhp hotkey u 


Read/Write 


Sets the value for hotkey Ctrl+U. 


oemhp hotkey v 


Read/Write 


Sets the value for hotkey Ctrl+V. 


oemhp hotkey w 


Read/Write 


Sets the value for hotkey 
Ctrl+W. 


oemhp hotkey x 


Read/Write 


Sets the value for hotkey Ctrl+X. 


oemhp hotkey y 


Read/Write 


Sets the value for hotkey Ctrl+Y. 


oemhp rc aquire (not 
supported in iLO 2 vl .00) 


ixeaa/ vv riTe 


Enables or disables remote 
console acquire operations. 


(~i p TTi "h ti VinrrVi t~i^t"F mnn 

W d-l LLllkJ 11 J-U 11 k_> vZ- 1 1 lLL^U.OC^ 


ixeQQ/ vv riTe 


Enables or disables high 
performance mouse. 


oernnp_cornpuTer_iocK 


Ponrl AA/rito 
l\t?(J(J/ VV 1 lit? 


Console Computer Lock. 


oe m h p_e n f o rce_a es 


Read/Write 


Enable or disable enforcing 
AES/3DES encryption 



Examples 

set /mapl /conf igl oemhp_enable=yes oemhp timeout=30 

You can specify one or more properties in the command line. If multiple properties are given on the same 
command line, they must be separated by a space. 

oemhp_computer_lock command examples: 

set /mapl/conf igl oemhp computer lock = windows 

set /mapl /conf igl oemhp computer lock = custom, 1 gui,l 

set /mapl /conf igl oemhp computer lock = disabled 

For a complete list of oemhp_computer_lock custom keys, see the HP Integrated Lights-Out 2 User 
Guide. Any keys with a space must have the space replaced with an underscore. For example: 

set /mapl/conf igl oemhp computer lock = custom, SYS RQ 
set /mapl /conf igl oemhp computer lock = custom, SYS RQ 

2 embedded health settings 

iLO 2 embedded health commands enable you to display system embedded health information for fans, 
temperature sensors, voltage sensors, and the power supply. 
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iLO 2 embedded health CLP settings are located at /systeml/f an*, /systeml /sensor* , and 
/ systeml/powersupply*. 

Targets 

• Fan 

• Sensor 

• Power supply 
Properties 



Property 


Access 


Description 


DevicelD 


Read 


Displays fan, sensor, or power supply 
label number 


ElementName 


Read 


Displays fan, sensor, or power supply 
location 


Operationalstatus 


Read 


Displays fan, sensor, or power supply 
operational status 


VariableSpeed 


Read 


Displays if fan is operating at variable 
speed 


Desired Speed 


Read 


Displays the current fan speed 


HealthState 


Read 


Displays the health status of the fan, 
sensor, or power supply 


RateUnits 


Read 


Displays the reading units for temperature 
and voltage sensors 


CurrentReading 


Read 


Displays the current reading of sensor 


SensorType 


Read 


Displays the sensor type 


Oemhp_CautionValue 


Read 


Displays temperature sensor caution value 


Oemhp_CriticalValue 


Read 


Displays temperature sensor critical value 



Examples 

The command show systeml/f anl displays the system fanl properties. For example: 

/systeml/f anl 

Targets 
Properties 

DeviceID=Fan 1 

ElementName=I /0 Board 

Operational Status=Ok 

VariableSpeed=Yes 

DesiredSpeed=4 0 

HealthState=Ok. 

VRM power supplies are usually mapped to the sensor targets. The command show systeml/ sensor 1 
displays the VRM 1 properties. For example: 

/systeml/ sensor 1 

Targets 
Properties 

Device I D=VRM 1 
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ElementName=CPU 1 
Operational Status=Ok 
RateUnits=Volts 
CurrentReading=0 
SensorType=Voltage 
HealthState=Ok 
oemhp CautionValue=0 
oemhp CriticalValue=0 

Other sensor targets show system temperatures. The command show systeml/sensor3 displays one 
of the temperature zone properties. For example: 

/systeml /sensor 3 

Targets 
Properties 

DeviceID=Temp 1 

ElementName=I /0 Board Zone 

Operational Status=Ok 

RateUnits=Celsius 

CurrentReading=32 

SensorType=Temperature 

HealthState=Ok 

oemhp CautionValue=68 

oemhp CriticalValue=73 

SNMP settings 

SNMP settings commands enable you to view and modify SNMP settings. SNMP settings are available at 

/mapl/ snmpl. 

Targets 

None 
Properties 



Property 


Access 


Description 


accessinf ol 


Read/Write 


Sets the first SNMP trap destination 
address. 


accessinf o2 


Read/Write 


Sets the second SNMP trap destination 
address. 


accessinf o3 


Read/Write 


Sets the third SNMP trap destination 
address. 


oemhp iloalert 


Read/Write 


Enables or disables iLO 2 SNMP 
alerts. Boolean values accepted. 


oemhp agentalert 


Read/Write 


Enables or disables host agent SNMP 
alerts. Boolean values accepted. 


oemhp snmppassthru 


Read/Write 


Enables or disables iLO 2 SNMP pass- 
through. Boolean values accepted. 


oemhp imagenturl 


Read/Write 


Sets the Insight Manager Agent URL. 
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Property 


Access 


Description 


oemhp imdatalevel 


Read/Write 


Determines if the LOM device 
responds to anonymous XML queries. 
Valid selections can be enabled and 
disabled. 



Examples 

set /mapl/snmpl accessinf ol=l 92 . 1 68 . 0 . 50 oemhp imdatalevel=Enabled 

You can specify one or more properties on the command line. If there are multiple properties on the same 
command line, they must be separated by a space. 

License commands 

License commands enable you to display and modify the iLO 2 license. License commands are available 
at /mapl/. 

Targets 

None 

Commands 



Command 


Description 


cd 


Changes the current directory 


show 


Displays license information 


set 


Changes the current license 



Examples 

• set /mapl license=1234500000678910000000001 

• show /mapl license 



Directory commands 

Directory commands enable you to view and modify directory settings. Directory settings are available at: 

/mapl/oemhp dircfgl 

Targets 

None 

Properties 
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Property 


Access 


Description 


oemhp dirauth 


Read/Write 


Enables or disables directory 
authentication. Valid settings are as 
follows: 

• extended_schema— Uses HP 
extended schema 

• default_schema— Uses schema- 
free directories 

• disabled— Directory-based 
authentication is disabled 


oemhp localacct 


Read/Write 


Enables or disables local account 
authentication. This property can be 
disabled only if directory 
authentication is enabled. Boolean 
values accepted. 


oemhp dirsrvaddr 


Read/Write 


Sets the directory server IP address or 
DNS name. The schema-free 
directory configuration requires a 
DNS name. 


oemhp ldapport 


Read/Write 


Sets the directory server port. 


oemhp dirdn 


Read/Write 


Displays the LOM object 
distinguished name. This field is 
ignored when the schema-free 
directory configuration is used. 


oemhp dirpassword 


Read/Write 


Sets the LOM object password. This 
field is ignored when the default 
schema configuration is used. 


oemhp usercntxtl, 2 
... up to 15 


Read/Write 


Displays the directory user login 
search context. This field is not 
necessary when the schema-free 
directory configuration is used. 


oemhp group {n} name 
where n = 1 ..6 


Read/Write 


Displays security group distinguished 
name. Used with the schema-free 
directory configuration only. 


oemhp group {n} priv 
where n = 1 ..6 


Read/Write 


Assigns privileges to a group. Use a 
comma-separated list of the 
following: 

• 1 (Administer Group Accounts) 

• 2 (Remote Console Access) 

• 3 (Virtual Power & Reset) 

• h ^vinuai /vieaiaj 

• 5 (Configure iLO 2 Settings) 

Used with the schema-free directory 
configuration only. 



Examples 

• set /mapl/oemhp_dircfgl 



• set /mapl/oemhp dircfgl oemhp dirauth=def ault schema 
oemhp dirsrvaddr=adserv . demo . com 

You can define additional groups using additional set commands. 

You can specify one or more properties on the command line. If there are multiple properties on the same 
command line, they must be separated by a space. 

Virtual media commands 

Access to the iLO 2 virtual media is supported through the CLP. The virtual media subsystem is located at 
/mapl/oemhp vml. See the user guide for more information. 

Targets 

You can access the following sub-components of the virtual media. 



Target 


Description 


/mapl/oemhp vml /f loppydrl 


Virtual floppy or key drive 
device 


/mapl/oemhp vml/cddrl 


Virtual CD-ROM device 


Properties 



Property 



oemhp image 



oemhp connect 



oemhp_boot 



oemhp wp 



oemhp applet connected 



Access 



Read/Write 



Read 



Read/Write 



Read/Write 



Read 



Description 



The image path and name for virtual media access. 
The value is a URL with a maximum length of 80 
characters. 



Displays if a virtual media device is already connected 
through the CLP or scriptable virtual media. 



Sets the boot flag. The valid values are: 

• Never— Do not boot from the device. The value is 
displayed as No Boot. 

• Once— Boot from the device only once. The value 
is displayed as Once. 

• Always— Boot from the device each time the server 
is rebooted. The value is displayed as Always. 

• Connect— Connect the virtual media device. Sets 
oemhp_connect to Yes and oemhp_boot to 

Always. 

• Disconnect— Disconnects the virtual media device 
and sets the oemhp_boot to No Boot. 



Enables or disables the write-protect flag. Boolean 
values accepted. 



Indicates if the Java™ applet is connected. 



Image URL 

The oemhp image value is a URL. The URL, which is limited to 80 characters, specifies the location of the 
virtual media image file on an HTTP server and is in the same format as the scriptable virtual media image 
location. 



URL example: 
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protocol : / / username : passwords hostname : port/ filename 

o The protocol field is mandatory and must be either HTTP or HTTPS. 

o The username: password field is optional. 

o The hostname field is mandatory. 

o The port field is optional. 

o The filename field is mandatory. 

The CLP performs only a cursory syntax verification of the <URL> value. You must visually verify the 
URL is valid. 

Examples 

• set oemhp_image=http : / / imgserver . company . com/ image/ dosboot . bin 

• set 

oemhp image=http : / / j ohn : abcl2 3@ imgserver . company . com/VMimage/ installlDis 
k . iso 

iLO 1 .60 CLI support 

The vm simple CLI commands are still supported for virtual media: 

• vm device insert path— Inserts an image 

• vm device ej ect — Ejects an image 

• vm device get— Gets the status of the virtual media 

• vm device set boot access— Sets the status of the virtual media 
Command options: 

o Valid device names are floppy or cdrom 

NOTE: USB key drives must be used with the floppy keyword syntax. 



o The path is the URL to the media image 

o Boot options are boot_once, boot_always, no_boot, connect, or disconnect 

o Access options are write protect or write allow. 

For more information about how to use these commands, see the commands 
INSERT_VIRTUAL_MEDIA, EJECT_VIRTUAL_MEDIA, GET_VM_STATUS, and SET_VM_STATUS in the 
section"Using RIBCL (on page 70)." 

Tasks 

• Insert a floppy USB key image into the Virtual Floppy/USBKey: 

cd /mapl /oemhp vml / f loppydrl 
show 

set oemhp_image=http : / /my . image server . com/ f loppy img .bin 

set oemhp boot=connect 

show 

This example executes the following commands: 

o Change the current context to the floppy or key drive. 

o Show the current status to verify that the media is not in use. 

o Insert the desired image into the drive. 
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o Connect the media. The boot setting always connects automatically. 

• Eject a floppy or USB key image from the Virtual Floppy/USBKey: 

cd /mapl/oemhp vml / f loppydrl 
set oemhp boot=disconnect 

This example executes the following commands: 

o Change the current context to the floppy or key drive. 

o Issue the disconnect command that disconnects the media and clears the oemhp image. 

• Insert a CDROM image into the virtual CD-ROM: 

cd /mapl/oemhp vml/cddrl 
show 

set oemhp image=http :/ /my . imageserver . com/ ISO/install diskl.iso 

set oemhp boot=connect 

show 

This example executes the following commands: 

o Change the current context to the CD-ROM drive. 

o Show the current status to verify that the media is not in use. 

o Insert the desired image into the drive. 

o Connect the media. The boot setting always connects automatically. 

• Eject a CD-ROM image from the Virtual CD-ROM: 

cd /mapl/oemhp vml/cddrl 
set oemhp boot=disconnect 

This example executes the following commands: 

o Change the current context to the CD-ROM drive. 

o Issue the disconnect command that disconnects the media and clears the oemhp image. 

• Insert a CD-ROM image and set for single boot: 

cd /mapl/oemhp vml/cddrl 

set oemhp image=http :/ /my . imageserver . com/ ISO/install diskl.iso 
set oemhp boot=connect 
set oemhp_boot=once 
show 

This example executes the following commands: 

o Change the current context to the CD-ROM drive. 

o Show the current status to verify that the media is not in use. 

o Insert the desired image into the drive. 

o Connect the media. The boot setting always connects automatically, 
o Override the boot setting to Once. 

• Eject a CD-ROM image from the virtual CD-ROM in a single command: 

set /mapl/oemhp vml/cddrl oemhp boot=disconnect 

If you attempt to disconnect when the drive is not connected, you receive an error. 

Start and reset commands 

Start and reset commands enable you to power on and reboot the server containing iLO 2 or the iLO 2 
itself. 
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Command 


Description 


start 


Turns server power on 


stop 


Turns server power off 


reset hard 


Power cycles the server 


reset soft 


Warm boots the server 



Examples 

If the current target is /systeml, the following commands are supported: 
• start 



• stop 

• reset hard 

• reset soft 

If the current target is /mapl, the following commands are supported: 

• reset 

• reset soft 
iLO 1 .60 CLI support 

• power 

The power command is used to change the power state of the server and is limited to users with th 
Power and Reset privilege. 

o power— Displays the current server power state 
o power on— Turns the server on 
o power of f— Turns the server off 

o power reset — Resets the server (server power off followed by server power on) 
o power warm— Warm boots the server 

Instead of using the simple commands, the following examples show the new CLP format: 

o start /systeml— Turns the server on 
o stop /systeml— Turns the server off 
o reset /systeml — Resets the server 

o reset /systeml hard— Performs a coldstart reboot of the server 

o reset /systeml soft — Performs a warmstart reboot of the server 

o show /systeml enabledstate— Shows the current power state, for which enabled is 
powered on and disabled is powered off. 

• vsp 

The vsp command invokes a virtual serial port session. When in virtual serial port session, press 
Esc ( to return to the CLI. 

Instead of using the simple commands, the following example shows the new CLP format: 

start /systeml/oemhp vspl 

• remcons 
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The remcons command starts a Remote Console session and is limited to users with the Remote 
Console privilege. Only a text-based remote console is supported, similar to a telnet session. When 
in Remote Console session, enter Esc ( to return to the CLI. 

Instead of using the simple commands, the following example shows the new CLP format: 

start /systeml/consolel 

Firmware update 

Firmware commands enable you to display and modify the iLO 2 firmware version. Firmware settings are 
available at /mapl /firmware. 

Targets 

No targets 
Properties 



Property 


Access 


Description 


version 


read 


Displays the current firmware version. 


date 


read 


Displays the release date of the current 
firmware version. 



Command format 

load -source <URL> [<target>] 

where <URL> is the URL of firmware update image file on web server. The URL is limited to 50 characters 
in the iLO 1 .70 release of the firmware. 

URL example: 

protocol : / / username : passwords hostname : port/ filename 

o The protocol field is mandatory and must be either HTTP or HTTPS. 

o The username: password field is optional. 

o The hostname field is mandatory. 

o The port field is optional 

o The filename field is mandatory. 

The CLP only performs a cursory syntax verification of the <URL> value. You must visually ensure the 
URL is valid. 

Examples 

load -source http : / / imgserver . company . com/ firmware/ iloFWimage .bin 
load -source http : / / j ohn : abcl23@ imgserver . company . com/ firmware/ ilo . bin 

The [<target>] field is /mapl /firmware, and is optional if it is already the default target. 

Eventlog commands 

Eventlog commands enable you to display or delete the logs of both the system and iLO 2. Eventlog 
settings are available at: 

• /systeml /logl for the system event log 

• /mapl/logl for the iLO 2 event log 
Targets 
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record: 1 . . n, where n is the total number of records 
Properties 



Property 


Access 


Description 


number 


read 


Displays the record number for the event. 


severity 


read 


Displays the severity of the event. It can 
be informational, noncritical, critical, or 
unknown. 


date 


read 


Displays the event date. 


time 


read 


Displays the event time. 


description 


read 


Displays a description of the event. 



Examples 

• show /systeml/logl — Displays system event log. 

• show /mapl/logl — Displays the iLO 2 event log. 

• show /systeml/logl/recordn— Displays record n from the system event default text. 

• show /mapl/logl/recordn — Displays record n from the iLO 2 event log. 

• delete /systeml/logl — Deletes system event log. 

• delete /mapl/logl — Deletes iLO 2 event log. 

Blade commands 

Blade commands enable you to view and modify the values on a p-Class server. These values are 
available at /systeml/mapl/bladel. 

Targets 

You can access the following subcomponents of the blade: 



Target 


Description 


/ mapl/bladel/diagport 


Displays and modifies the front diagnostic port 
settings. 


/map 1 /blade 1 / rack 


Displays and modifies the blade rack settings. 


/map 1 /blade 1 / rackl / enclo 
surel 


Displays and modifies the blade enclosure 
settings. 



Properties 



Property 


Access 


Description 


bay name 


Read 


Displays and modifies the blade bay 
name. 


bay number 


Read 


Displays the blade bay number. 


facility power 


Read 


Displays and modifies if the blade 48 
V power is provided by the facility. 


auto power 


Read 


Displays and modifies if the blade is 
enabled to automatically power up. 
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Property 


Access 


Description 


1 nrr Pi 1 P 1 t1~ ^ 


Read/ writ© 


Displays and modifies if rack alert 
logging is enabled. 


fiqpl 
U U L vO _L ^ ^ 


Recid/ write 


Displays and modifies the diagnostic 
port autoselect setting. 


speed 


Read/ write 


Displays and modifies the diagnostic 
port speed setting. 


f ullciuplex 


Read/ write 


Displays and modifies if the diagnostic 
port supports full-duplex or half-duplex 
mode. 


J_ k_v CL vAVJ. J_ ^ o o 


Read/ write 


Displays and modifies the IP address 
for the diagnostic port. 


mask 


Read/ write 


Displays and modifies the subnet mask 
for the diagnostic port. 


rack name 


Read/ write 


Displays and modifies the rack name. 


rack sn 


Read 


Displays the rack serial number. 


encl name 


Read/ write 


Displays and modifies the enclosure 
name. 


ser 


Read 


Displays the enclosure serial number. 


encl type 


Read 


Displays the enclosure type. 



Examples 

• set /mapl/bladel/bay name=BayOne— Sets the blade bay name to BayOne. 

• show /mapl/bladel/diagportl/ipaddress — Displays the IP address of the front diagnostic 
port. 

• show /mapl/bladel/rackl/enclosurel (N) /encl type — Displays the enclosure type for 
blade enclosure N. 

Boot commands 

Boot commands enable you to modify the boot source and boot order of the system. Boot settings are 
available at /system 1/bootconfigl . 

Targets 

bootsourcel..n, where n is the total number of boot sources 
Sets the boot source for the system. The possible values are: 

• BootFmCd : bootsourcel 

• BootFmFloppy : bootsource2 

• BootFmDrive : bootsource3 

• BootFmNetwork : bootsource4 
or 

• BootFmCd : bootsourcel 

• BootFmFloppy : bootsource2 
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• BootFmDrive : bootsource3 

• BootFmUSBKey : bootsource4 

• BootFmNetwork : bootsource5 
Properties 



Property 


Access 


Description 


bootorder 


Read/write 


Sets the boot order for a given boot source 



Examples 

• set /systeml/bootconf igl/bootsource (n) bootorder= (num) 

• show /system/bootconf igl — Displays the complete boot configuration 

• show /systeml/bootconf igl/bootsourcel — Displays bootorder for bootsourcel 

LED commands 

LED commands are used to change the state of the UID light on the server. LED settings are available at 
/system 1 /led 1 . 



Property 


Description 


start 


Turns the LED on. 


stop 


Turns the LED off. 


show 


Displays the LED status. 



Examples 

• show /systeml/ledl — Displays current LED status 

• start /systeml/ledl— Turns LED on 

• stop /systeml/ledl— Turns LED off 
iLO 1 .60 CLI support 

Simple UID CLI commands introduced in iLO 1 .60 are still supported. 

• uid— Displays the current UID state on the server. 

• uid on— Turns the UID light on. 

• uid of f— Turns the UID light off. 

Instead of using the simple commands, the following examples show the new CLP format: 

• show /systeml/ledl— verifies LED status 

• start /systeml/ledl— Turns LED on 

• stop /systeml/ledl— Turns LED off 

System properties and targets 

The properties and targets, described in this section, provide information about the server. 
Targets 
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Target 


Description 


oemhp PresentPower 


Displays the average power reading from the 
last sample. 


oemhp AveragePower 


Displays the average power reading from the 
past 24 hours. 


oemhp MaxPower 


Displays the greatest peak power reading 
from the past 24 hours. 


oemhp MinPower 


Displays the minimum averaqe power readinq 
from the past 24 hours. 


warning type 


Displays and modifies the warning type. 


warning threshold 


Displays and modifies the warning threshold 
for power consumption. 


warning duration 


Displays and modifies the duration the power 
threshold must be exceeded before a warning 
is generated. 


The following properties are available in /systeml. 



Property 


Access 


Description 


name 


Read 


Displays the system name. 


number 


Read 


Displays the system serial number. 


oemhp server name 


Read 


Di^n nv/s the host server nnmp 
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string. This string can be up to 50 
characters in length, and requires 
the configure iLO 2 privilege to 
change. 


enabledstate 


Read 


Appears if the server is powered 
up. 


oemhp powerreg 


Read/write 


Displays the setting for dynamic 
power saver mode. Valid values 
are dynamic, min, max, and os. 


processor number 


Read 


Displays the number of logical 
processors in the system. 


pstate number 


Read 


Displays the number of p-states 
supported by the server. 


oemhp pwrcap 


Read/write 


Displays the current power cap of 
the server. The value is shown in 
watts. 

You cannot set this property when 
a dynamic power cap is set for 
the Enclosure. Enclosure Dynamic 
Power Caps is set and modified 
using either Onboard 
Administrator or Insight Power 
Manager. 


oe m h p_powe r_m ic ro_ver 


Read 


Displays the version and current 
state of the power micro option. 



Examples 

• show /systeml 

• show /systeml name 

• set /systeml oemhp powergov=auto 

The cpu property is a target of /systeml and displays information about the system processor. The 
following properties are available in /systeml/cpu<n>: 



Property 


Access 


Description 


speed 


Read 


Displays the processor speed. 


cachememoryl 


Read 


Displays the size of the processor level- 1 
cache. 


cachememory2 


Read 


Displays the size of the processor level-2 
cache. 


logical_processor<n> 


Read 


Displays the logical processor. 



CPU power state — Enables you to examine the CPU power states. CPU power state values are shown 
as a part of the cpu target and use an additional property of logical_processor<n>. 

Example: 

The show cpul/logical processorl command displays the p-states of the processor: For example: 

/systeml /cpul /logical_processorl 

Targets 
Properties 

current_pstate=l 

pstateO_avg=0 . 0 

pstatel_avg=l 0 0 . 0 

pstate2_avg=0 . 0 

pstate3_avg=0 . 0 

pstate4_avg=0 . 0 

pstate5_avg=0 . 0 

pstate6_avg=0 . 0 

pstate7_avg=0 . 0 



Memory — Displays information about the system memory. 

The following properties are available in / systeml /memory<n>: 



Property 


Access 


Description 


size 


Read 


Displays the memory size. 


speed 


Read 


Displays the memory speed. 


location 


Read 


Displays the location of the memory. 



Slot— Displays information about the system slots. 

The following properties are available in /systeml/slot<n>: 



Property 


Access 


Description 


type 


Read 


Displays the slot type. 
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Property 


Access 


Description 


width 


Read 


Displays the slot width. 


Firmware — Displays information about the system ROM. 


The following properties are available in /systeml/f irmware: 


Property 


Access 


Description 


version 


Read 


Displays the version of the system ROM. 


date 


Read 


Displays the date the system ROM. 



ixamples: 

» show /systeml/cpul displays information on one CPU. 

» show /systeml/memoryl displays information on one memory slot. 

» show /systeml/slotl displays information on one slot. 

» show /systeml/f irmwarel displays information about system ROM. For example: 

/ systeml / f irmwarel 

Targets 
Properties 

version=P5 6 

date=01/05/2006 

NOTE: systeml/cpu, systeml /memory, and systeml/slot are not supported in iLO 
1.81. 



Other commands 

• start /systeml/oemhp vspl— Starts virtual serial port session. Press ESC ( to revert back to the 
CLI session. 

• nmi server— Generates and sends an NMI to the server and is limited to users with the Power 
and Reset privilege. 
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Telnet 



Telnet support 

iLO 2 supports the use of telnet to access the iLO 2 command line interface. Telnet access to iLO 2 
supports the CLI, which can invoke a Remote Console connection as well as a Virtual Serial Port 
connection. Refer to the "Command line (on page 1 0)" section for more information. 

Using Telnet 

To use telnet, the iLO 2 Remote Console Port Configuration and Remote Console Data Encryption on the 
Global Settings screen must be configured as follows: 

1. Set the Remote Console Port Configuration to Enabled. 

2. Set the Remote Console Data Encryption to No. 

You can open either a telnet based Remote Console session or a browser-based Remote Console session. 
You cannot open both at the same time. An error message is generated if both sessions are opened 
simultaneously. 

To access iLO 2 using telnet: 

1. Open a telnet window. 

2. When prompted, enter the IP address or DNS name, login name, and password. 

NOTE: Access through telnet will be disabled, if the remote console port configuration on the 
Global Settings tab is set to Disabled or Automatic, or if remote console data encryption is 
enabled. 

To terminate a telnet session: 

1. Press the Qrl+] keys and press the Enter key at the prompt. 

2. If you see an extra carriage return each time the Enter key is pressed, press the Ctrl+] keys and enter 
set crlf of f at the prompt. 

Refer to "iLO 2 VT1 00+ Key Map (on page 37)" for a complete list of key sequences. 

Telnet simple command set 

The following key sequences for simple command set are available for use during telnet sessions. These 
commands are available only when in a telnet-based Remote Console or Virtual Serial Port session. 



Action 


Key sequence 


Comment 


POWER ON 


CTRL P 1 


CTRL P is the prefix for the Power 
commands. The 1 indicates an ON 
selection. 
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Arfinn 


i\tfy bcuuciict; 


Valium ici ii 


POWER OFF 


CTRL P 0 


CTRL P is the prefix for the Power 
commands. The 0 indicates an 
OFF selection. 


ACPI PRESS 


CTRL P 6 


CTRL P is the prefix for the Power 
commands. The 6 indicates an 
ACPI power press. The ACPI 
power press is equivalent to 
holding the power button for 
approximately 6 seconds. 


SYSTEM REBOOT 


CTRL P ! 


CTRL P is the prefix for the Power 
commands. The ! indicates an 
immediate emergency reboot. 


UIDON 


CTRL U 1 


CTRL U is the prefix for the UID 
commands. The 1 indicates an ON 
selection . 


UIDOFF 


CTRL U 0 


CTRL U is the prefix for the UID 
commands. The 0 indicates an 
OFF selection. 



The keys do not work before authentication. The power control requests are correctly ignored when you 
do not have the correct power control privileges. 

Telnet security 

Telnet is an unsecured network protocol. To reduce any security risks: 

• Use SSH instead of telnet. SSH is essentially secure or encrypted telnet. CLI is supported through 
telnet as well as SSH. 

• Use a segregated management network. Preventing unauthorized access to the network segment 
prevents unauthorized activity. 

Supported key sequences 

iLO 2 supports the VT100+ protocol. The following tables define the supported key sequences. 

iLO 2 VT100+ key map 

The following are VT100+ key sequences. 

• Many terminal programs send CR-LF when they mean ENTER. 

Sequence "\r\n" = '\r' 

• Some terminals send ASCII 127 (DEL) when they mean backspace. The Delete key never sends 
DEL. It sends "\e[3~". 

• Some programs use the following mapping for HOME and END: 

sequence "\e[H" = HOME_KEY 
sequence "\e[F" = END_KEY 

• ALT_CAPITAL_0 and ALT_LEFT_SQBRACKET are ambiguous. 
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• Terminate longer sequences that start with \eO and \e [), with \?. 



Kan 

i\ey 


oequence 


i\ey 


oequence 


\010 


\1 77 


ALT_AMPER 


\e& 


1 ID l/CV 

Ur_KEY 


\e[A 


AIT ADAC 

ALT_ArOb 


\e 


DOWN_KEY 


\e[B 


ALT_OPAREN 


\e( 


RIGHT_KEY 


\e[C 


ALT_CPAREN 


\e) 


LEFT_KEY 


\e[D 


ALT_STAR 


\e* 


ALT_A 


\eA 


ALT_PLUS 


\e+ 


ALT_B 


\eB 


ALT_COMMA 


\e, 


ALT_C 


\eC 


ALT_MINUS 


\e- 


ALT_D 


\eD 


ALT_PERIOD 


\e. 


ALT_E 


VE 


ALT_SLASH 


w 


ALT_F 


VF 


ALT_COLON 


\e: 


ALT_G 


\eG 


ALT_SEMICO 


\e; 


AIT H 
ml i n 


\oH 
\en 


AIT IF^ 

ML 1 LCOO 


\e< 


ALT_I 


\el 


ALTJQUAL 


\e= 


ALT_J 


\eJ 


ALT_MORE 


\e> 


ALT_K 


\eK 


ALT_QUES 


\e? 


ALT_L 


\eL 


ALT_AT 


\e@ 


ALTJrt 


\eM 


ALT_OPENSQ 


\e[\? 


ALT_N 


\eN 


ALT_BSLASH 


\e\\ 


ALT_0 


\eO\? 


ALT_CLOSESQ 


V] 


ALT_P 


VP 


ALT_CARAT 


\e A 


ALT_Q 


\eQ 


ALT_USCORE 


\e_ 


ALT_R 


\eR 


ALT_ACCENT 


V 


ALT_T 


\eT 


ALT_PIPE 


VI 


ALT_U 


\eU 


ALT_CBRACK 


V} 


ALTV 


\eV 


ALTJILDE 


\e~ 


ALT_W 


\eW 


ALTJAB 


\e\t 


ALT_X 


\eX 


ALT_BS 


\e\010 


ALT_Y 


\eY 


ALT_CR 


\e\r 


ALT_Z 


\eZ 


ALT_ESC 


\e\e\? 


ALT_LOWER_A 


\ea 


ALT_F1 


\e\eOP 


ALT_LOWER_B 


\eb 


ALT_F2 


\e\eOQ 


ALT_LOWER_C 


\ec 


ALT_F3 


\e\eOR 
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Key 


Sequence 


Key 


Sequence 


ALT_LOWER_D 


\ed 


ALT_F4 


\e\eOS 


ALT_LOWER_E 


\ee 


ALT_F5 


\e\eOT 


ALT_LOWER_F 


\ef 


ALT_F6 


\e\eOU 


ALT_LOWER_G 


\eq 


ALT_F7 


\e\eOV 


ALT_LOWER_H 


\eh 


ALT_F8 


\e\eOW 


ALT_LOWER_l 


\ei 


ALT_F9 


\e\eOX 


ALT_LOWER_J 


\ei 


ALT_F10 


\e\eOY 


ALT_LOWER_K 


\ek 


ALT_F1 1 


\e\eOZ 


ALT_LOWER_L 


\el 


ALT_F12 


\e\eO[ 


ALT_LOWER_M 


\em 


ALT_F5 


\e\e[15~ 


ALT_LOWER_N 


\en 


ALT_F6 


\e\e[17~ 


ALT_LOWER_0 


\eo 


ALT_F7 


\e\e[18~ 


ALT_LOWER_P 


\ep 


ALT_F8 


\e\e[19~ 


ALT_LOWER_Q 


\eq 


ALT_F9 


\e\e[20~ 


ALT_LOWER_R 


\er 


ALT_F10 


\e\e[21~ 


ALT_LOWER_S 


\es 


ALT_F1 1 


\e\e[23~ 


ALT_LOWER_T 


\et 


ALT_F12 


\e\e[24~ 


ALT_LOWER_U 


\eu 


ALT_HOME 


\e\e[l~ 


ALT_LOWER_V 


\ev 


ALT_INS 


\e\e[2~ 


ALT_LOWER_W 


\ew 


ALT_DEL 


\e\e[3~ 


ALT_LOWER_X 


\ex 


ALTJND 


\e\e[4~ 


ALT_LOWER_Y 


\ey 


ALT_PGUP 


\e\e[5~ 


ALT_LOWER_Z 


\ez 


ALT_PGDN 


\e\e[6~ 


ALT_SPACE 


\e\040 


ALT_HOME 


\e\e[H 


ALT_EXCL 


\e! 


ALT_END 


\e\e[F 


ALT_QUOTE 


\e\" 


ALTJJP 


\e\e[A 


ALT_POUND 


\e# 


ALT_DOWN 


\e\e[B 


ALT_DOLLAR 


VS 


ALT_RIGHT 


\e\e[C 


ALT_PERCENT 


\e% 


ALT_LEFT 


\e\e[D 



VT1 00+ codes for the F-keys 



Key 


Sequence 


F1_KEY 


\eOP 


F2_KEY 


\eOQ 


F3_KEY 


\eOR 


F4_KEY 


\eOS 


F5 KEY 


\pOT 


F6 KEY 


\pOU 


F7 KEY 


\eOV 


F8 KEY 


\eOW 


F9_KEY 


\eOX 


Fl 0_KEY 


\eOY 


Fl 1_KEY 


eOZ 


Fl 2_KEY 


\eO[ 



Linux codes for the F-keys 



Key 


Sequence 


F5_KEY 


\e[15~ 


F6_KEY 


\e[17~ 


F7_KEY 


\e[18~ 


F8_KEY 


\e[19~ 


F9_KEY 


\e[20~ 


Fl 0_KEY 


\e[21~ 


Fl 1_KEY 


\e[23~ 


Fl 2_KEY 


\e[24~ 


HOME_KEY 


\e[l~ 


INSERT_KEY 


\e[2~ 


DELETE_KEY 


\e[3~ 


END_KEY 


\e[4~ 


PG_UP 


\e[5~ 


PG_DOWN 


\e[6~ 
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SSH overview 

SSH is a telnet-like program for logging into and for executing commands on a remote machine, which 
includes security with authentication, encryption, and data integrity features. iLO 2 can support 
simultaneous access from two SSH clients. After SSH is connected and authenticated, the command line 
interface is available. 

iLO 2 supports: 

• SSH protocol version 2 

• PuTTY 0.54, which is a free version of telnet and SSH protocol available for download on the 
Internet. When using PuTTY, versions before 0.54 might display 2 line feeds instead on a single line 
feed, when the ENTER key is pressed. To avoid this issue and for best results, HP recommends using 
version 0.54 or later. 

• OpenSSH, which is a free version of the SSH protocol available for download on the Internet. 

When upgrading the firmware, there is a one-time 25-minute delay before SSH functionality is available. 
During this time, iLO 2 generates the 1 024-bit RSA and DSA keys. These keys are saved by iLO 2 for 
future use. If iLO 2 is reset to factory defaults, the RSA and DSA keys are erased and are regenerated on 
the next boot. 

SSH features supported by iLO 2 

The iLO 2 library supports only version 2 (SSH-2) of the protocol. The features that are supported are 
listed in the following table. 



Feature 


Supported algorithm 


Server host key algorithms 


sshdsa , ssh-rsa 


Encryption (same set supported both 
ways) 


3des-cbc, aesl 28-cbc 


Hashing algorithms 


hmac-shal, hmac-md5 


Public key algorithms 


sshdss, ssh-rsa 


Key exchange 


Diffie-hellman-groupl -shal 


Compression 


None 


Language 


English 


Client/User authentication method 


Password 


Authentication timeout 


2 minutes 


Authentication attempts 


3 


Default SSH port 


22 
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Using Secure Shell 

Using SSH 

To access iLO 2 using SSH: 

1. Open an SSH window. 

2. When prompted, enter the IP address or DNS name, login name, and password. 
Using OpenSSH 

To start an OpenSSH client in Linux, use: 

ssh -1 loginname ipaddress/dns name 

Using PuTTY 

• To start a PuTTY session, double-click the PuTTY icon in directory where PuTTY is installed. 

• To Start a PuTTY session from the command line: 
o To start a connection to a server called host: 

putty.exe [-ssh | -telnet | -rlogin | -raw] [user@]host 
o For telnet sessions, the following alternative syntax is supported: 

putty.exe telnet :/ /host [: port ] / 
o To start an existing saved session called sessionname: 

putty.exe -load "session name" 

SSH key authorization 

SSH key-based authentication enables HP SIM to connect to LOM devices through SSH and be 
authenticated and authorized to perform administrative-level tasks. The CLP is utilized to perform tasks. HP 
SIM can perform these tasks on multiple LOM devices nearly simultaneously, at scheduled times. HP SIM 
provides a menu-driven interface to manage and configure multiple targets. Enhancements to HP SIM are 
provided by tool definition files. 

HP SIM can perform actions on target devices utilizing an SSH interface that requires private key-based 
authentication. If HP SIM is enabled to integrate more fully with LOM devices, SSH key-based 
authentication is implemented in iLO 2. 

An HP SIM instance will be established as a trusted SSH client by installing its public key in iLO 2. This is 
completed either manually through a Web-based GUI, or automatically with the mxagentconfig utility. 

SSH keys do not need to be created to use SSH in interactive mode. To use SSH in interactive mode, see 
the "SSH overview (on page 41 )" section. 
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Tool definition files 



TDEF files extend the menu system of HP SIM to provide the CLP commands that HPSIM transmits to iLO 2 
through an SSH connection. 
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Mxagentconfig 

Mxagentconfig is a utility used to export and install HP SIM public SSH keys into other systems. This utility 
simplifies the process and can install the public key on many systems simultaneously. Mxagentconfig will 
make an SSH connection to iLO 2, authenticate with a user name and password, and transmit the 
necessary public key. iLO 2 stores this key as a trusted SSH client key. 

Importing SSH keys from PuTTY 

The public key file format generated by PuTTY is not compatible with iLO 2. The following example 
illustrates, a PuTTY generated public key file: 

BEGIN SSH2 PUBLIC KEY 

Comment: "Administrator" 

AAAAB3NzaClyc2EAAAABJQAAAIB0x0wVO9itQBllo+tHnY3VvmsGgwghCyLOVzJl 
3A9F5yzKj+RXJVPxOGusAhmJwF8PBQ9wV5E0Rumm6gNOaPyvAMJCG/10PW7Fhacl 
VLt8i5F3Lossw+/LWa+6H0dal3TF2vq3ZoYFUT4esC6YbAACM7kLuGwxF5XMNR2E 
Foup3w== 

END SSH2 PUBLIC KEY 

iLO 2 expects public key file information on a single line. You must use the PuTTY Key Generator 
(puttygen.exe) utility to import a correctly formatted SSH key for use with iLO 2. 

To import SSH keys to iLO 2 from PuTTY: 

1. Double-click the PuTTY Key Generator icon to launch the utility. 

2. Select SSH-2 RSA, and then click Generate. 
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On the key area, move the mouse around to generate the key. You must keep moving the mouse 
until the key generation process is complete. 
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3. After the key is generated, replace the key comment with your iLO 2 user name. (The user name is 
case-sensitive.) 

4. Select all the text in the public key area. Copy the key and paste it into a Notepad session. 

5. Return to the PuTTY Key Generator utility. 

6. Click Save private key to save, and then enter a file name when prompted, for example, 
c:\bchan.ppk. 

7. Return to Notepad. 

8. Save the public key file. Click File>Save As, and then enter a file name when prompted, for 
example, c:\bchan.pub. 
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9. Log into iLO 2 (if not already open). 

10. On the iLO 2 SSH Key Administration page, click Browse, and then locate the public key file. 

11. Click Authorize Key. A new Authorized SSH key appears in the list. 

12. Launch PuTTY. 
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13. Select SSH>Auth. 

14. Click Browse, and locate the private key file. 

15. Configure your iLO 2 IP, and then click Open. iLO 2 prompts for a user name. 



PuTTY Configuration 
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16. Enter the logon name associated with the public key. The public key in iLO 2 authenticates with the 
private key in PuTTY. If the keys match, you are logged into iLO 2 without using a password. 

Keys can be created with a key passphrase. If a key passphrase was used to generate the public 
key, you are prompted for the key passphrase before you log into iLO 2. 

porting SSH keys generated using ssh-keygen 

After generating an SSH key using ssh-keygen and creating the key. pub file, you must do the following: 

1. Locate and open the key. pub file with a text editor. The file should begin with the text ssh-dss or 
ssh-rsa. 

2. At the end of the line, append a " " (space) and the name of a valid iLO 2 user name as shown on 
the Modify User page. For example: xxx some text_xxx ASmith 

The user name is case-sensitive and must match the case of the iLO 2 user name to associate the SSH 
key with the correct user. 

3. Save and close the file. 



The key file is ready to import and authorize. 



Secure Shell 45 



Group administration and iLO 2 scripting 



The Lights-Out Configuration Utility (CPQLOCFG.EXE) is a Microsoft® Windows®-based utility that 
connects to the iLO 2 using a secure connection over the network. RIBCL scripts are passed to the iLO 2 
over the secure connection to CPQLOCFG. This utility requires a valid user ID and password with the 
appropriate privileges. The CPQLOCFG utility can be launched from HP SIM for Group Administration or 
used independently from a command prompt for batch processing. This utility can be downloaded from 
the HP website ( http://hl 8004. www 1 .hp.com/support/files/lights-out/us/index.html ). 

Version 2.27 or later of CPQLOCFG.EXE is required to support all features of iLO 1 .93 and later and iLO 
2 1 .00 and later. 

HP SIM discovers iLO 2 devices as management processors. The Lights-Out Configuration Utility sends a 
RIBCL file to a group of iLO 2s to manage the user accounts for those iLO 2 devices. The iLO 2 devices 
then perform the action designated by the RIBCL file and send a response to the log file. 

The Lights-Out Configuration Utility is used to execute RIBCL scripts on the iLO 2 and must reside on the 
same server as HP SIM. The Lights-Out Configuration Utility generates two types of error messages: 
runtime and syntax. 

• Runtime errors occur when an invalid action is requested. Runtime errors are logged to the 
C:\PROGRAM FILES\INSIGHT MANAGER\HP\SYSTEMS directory. 

• Syntax errors occur when an invalid XML tag is encountered. When a syntax error occurs, the Lights- 
Out Configuration Utility stops running and logs the error in the runtime script and output log file. 

Syntax errors take the format of Syntax error: expected X but found Y. For example: 

Syntax error: expected USER__LOGIN=userlogin but found USER_NAME=username. 

For a complete listing of errors, see "Using RIBCL (on page 70)." 



If configured to do so, the iLO 2 device will return some identifying information in response to an 
unauthenticated XML query. By default, the iLO 2 is configured to return this information. To disable this 
feature, set the CIM_SECURITY_MASK in the MOD_SNMP_IM_SETTINGS command to disallow returned 
information. 

To obtain unauthenticated identifying information, submit the following command to the iLO 2 web server 
port: 

https : / / <iloaddress>/ xmldata?item=all 

A typical response to this command is: 

<?xml version=" 1 . 0 " ?> 
<RIMP> 

<HSI> 

<SBSN>00 04PBM158</SBSN> 




Unauthenticated XML query 
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<SPN>ProLiant DL380 G5</SPN> 

<UUID>122 657 0 0 04PBM158</UUID> 

<SP>K/SP> 
</HSI> 
<MP> 

<ST>K/ST> 

<PN>Integrated Lights-Out 2 (iLO 2)</PN> 

<FWRI>1 . 10</FWRI> 

<HWRI>ASIC: 5</HWRI> 

<SN>ILO0 0 04PBM158</SN> 

<UUID>ILO122 657 0 0 04PBM158</UUID> 

</MP> 
</RIMP> 

Query definition in HP SIM 

To group all of the iLO 2 devices, log in to HP SIM and create a query. 
To create the query: 

1. Log in to HP SIM. 

2. Click Device in the navigation bar on the top left side of the screen. 

3. Click Queries>Device. 

4. Locate the Personal Queries section in the main window. If a query category exists, proceed to 
step 7, otherwise proceed to step 5. 

5. Click New to create a new category. For this example, the name of the new category is RIB Cards. 
Click Create Category. 

6. Click Queries to return to the Device Queries screen. 

7. Click New, within the appropriate query category, to open the Create/Edit Query screen where the 
query definition is created. 

8. Define the query name, for example "Mgmt Processors." 

9. Select Device(s) of type, and then select Devices by product name. In the criteria windows, set the 
product name to HP Integrated Lights-Out 2. 

10. Click type in the Query Description field. A window opens where you define the device type. 

1 1 . Select Management Processor and click OK. 

12. Click Save to return to the Device Query screen. 

13. Find the newly created query in the appropriate query category, and click the query name to run it 
for verification. 

14. Click Overview on the left side of the screen after the verification has taken place. The initial page 
for devices opens. 

Application Launch using HP SIM 

The Application Launch combines the RIBCL, the Lights-Out Configuration Utility, and the query definition 
to manage the Group Administration of the iLO 2s. 
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To create an Application Launch task: 

1. Click Device in the navigation bar on the top left side of the screen. 

2. Click Tasks to open the Tasks screen. 

3. Click New Control Task and select Application Launch from the dropdown menu to open the 
Create/Edit Task screen. 

4. Enter the full path and name for the Lights-Out Configuration Utility in the area provided. If the 
CPQLOCFG.EXE file is in the root directory of the C:\ drive, then the path is C:\cpqlocfg.exe. 

5. Enter the parameters in the area provided. HP SIM requires the following parameters for the Lights- 
Out Configuration Utility: 

-F is the full path of the RIBCL file name. 

-V is the verbose message (optional). 

If the RIBCL file is in the root directory of on the C:\ drive, then the parameters are: 

-F C:\MANAGEUSERS.xml -V 

NOTE: The -L parameter cannot designate an output log file. A default log file named with the 
DNS name or the IP address is created in the same directory where CPQLOCFG is launched. 

6. Click Next. A screen displays the options for naming the task, defining the query association, and 
setting a schedule for the task. 

7. Enter a task name in the Enter a name for this task field. 

8. Select the query that had been created earlier, for example "Mgmt Processors." 

9. Click Schedule to define when the Application Launch task will run. A schedule configuration 
window appears. 

10. Click OK to set the schedule. 

NOTE: The default schedule for a control task is Now. 



11. Click Finish to save the Application Launch task. 

12. Click the Execute a Task icon (the green triangle) to execute the Group Administration. 

tch processing using the Lights-Out Configuration 
lity 

Group Administration can also be delivered to iLO 2 through batch processing. The components used by 
batch processing are the Lights-Out Configuration Utility, an RIBCL file, and a batch file. 

The following example shows a sample batch file that can be used to perform the Group Administration 
for iLO 2: 

REM Updating the HP Integrated Lights-Out 2 board 

REM Repeat line for each board to be updated 
REM 

CPQLOCFG -S RIB1 -F C : \ . . . SCRI PT . XML -L RIB1L0G.TXT -V 

CPQLOCFG -S RIB2 -F C : \ ... SCRI PT . XML -L RIB2LOG.TXT -V 

CPQLOCFG -S RIB3 -F C : \ ... SCRI PT . XML -L RIB3LOG.TXT -V 
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RIBNLOG -S RIBN -F C : \ . . . SCRI PT . XML -L LOGFILE.TXT -V 



The Lights-Out Configuration Utility overwrites any existing log files. 

s-Out Configuration Utility parameters 

• The -S switch is the switch that determines the iLO 2 that is to be updated. This switch is either the 
DNS name or IP address of the target server. 

Do not use this switch if you are launching from HP SIM. HP SIM will provide the address of the iLO 
2 when CPQLOCFG.EXE is launched. 

• The -F switch is the switch that gives the full path location and name of the RIBCL file that contains 
the actions to be performed on the board. 

• The -U and -P switches specify the user login name and password. These options allow the login 
information within the script file to be overridden. 

Be sure that the LightsOut Configuration Utility is in a directory referenced by the PATH environment 
variable. Any log files generated are placed in the same directory as the LightsOut Configuration Utility 
executable 

The -L and -V switches might or might not be set depending on the IT administrator's preferences. 

• The -L switch defines where the log file generated and what the file name will be. If this switch is 
omitted, a default log file with the DNS name or the IP address is created in the same directory used 
to launch CPQLOCFG. 

Do not use this switch if launching from HP SIM. 

NOTE: The output values might need to be modified to match the RIBCL syntax. 



NOTE: The -L parameter cannot designate an output log file. A default log file named with the 
DNS name or the IP address is created in the same directory where CPQLOCFG is launched. 

• The optional -V switch turns on the verbose message return. The resulting log file contains all 
commands sent to the Remote Insight board, all responses from the Remote Insight board, and any 
errors. By default, only errors and responses from GET commands are logged without this switch. 

• The -t namevaluepairs switch substitutes variables (%variable%) in the input file with values 
specified in namevaluepairs. Separate multiple namevaluepairs with a comma (,). 

For example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="%user%" PASSWORD="%password%"> 

<USER_INFO MODE="read"> 

<GET_ALL_USERS/> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

Using a command line enter: 

Cpqlocfg -f filename -s serverip -t user=Admin, password=pass 
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If the parameter contains multiple words, you must enclose the phrase within double quotes (""). Up 
to 25 variables are supported in an XML file. The maximum length of variable name is 48 
characters. 

Web agent example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="write"> 

<MOD_SNMP_IM_SETTINGS> 

<WEB_AGENT_IP_ADDRESS value=%WebAgent%/> 

</MOD_SNMP_IM_SETTINGS> 
</RIB_INFO> 
</LOGIN> 
</RIBCL> 

Invoke the script using: 

cpqlocfg -s <iLO-ip-name> -f mod snmp im settings. xml -t 
WebAgent= ' "Your Value Here"' 

When replacing a token that requires double quotes, use single quotes around the token. 

See "Using RIBCL (on page 70)" for information on the syntax of the XML data files. Sample XML scripts 
are available on the HP website ( http:/ / www.hp.com/ servers/liqhts-out ) in the Best Practices section. 
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Perl scripting 



Using Perl with the XML scripting interface 

The scripting interface provided enables administrators to manage virtually every aspect of the device in 
an automated fashion. Primarily, administrators use tools like the cpqlocfg.exe to assist deployment 
efforts. Administrators using a non-Windows® client can use Perl scripts to send XML scripts to the Lights- 
Out devices. Administrators can also use Perl to perform more complex tasks than cpqlocfg.exe can 
perform. 

This section discusses how to use Perl scripting in conjunction with the Lights-Out XML scripting language. 
Perl scripts require a valid user ID and password with appropriate privileges. Sample XML scripts for 
Lights-Out devices and a sample Perl script are available on the HP website 
( http:/ / www.hp.com/ servers/liqhts-out ) in the Best Practices section. 

XML enhancements 

Previous versions of iLO 2 firmware do not return properly formatted XML syntax. If the iLO 2 firmware 
determines the client utility does not support the return of properly formatted XML syntax, the following 
message appears: 

<INFORM>Scripting utility should be updated to the latest 
version . </INFORM> 

This message informs you to update to a later version of the cpqlocfg scripting utility. The latest version of 
cpqlocfg.exe is 2.26. 

If you are using a utility other than cpqlocfg.exe (such as Perl), the following steps might help ensure that 
the iLO 2 firmware returns properly formatted XML. You must incorporate <LOCFG version="2 .21"> 
into the script sent to iLO 2. You can place this tag in either the Perl script or the XML script. Placement of 
this tag is important. If you place this tag in the Perl script, the tag should be sent after <?xml 
version=" 1 . 0 " ?> and before the XML script is sent. If you place the tag in the XML script, the tag 
should be placed before <RIBCL version="2 . 0">. If you are using the Perl script provided by HP, 
you can add the bold line in the following example to return properly formatted XML syntax. 

• Perl script modification 

# Open the SSL connection and the input file 

my $client = new 10 :: Socket :: SSL->new (PeerAddr => $host) ; 
open(F, "<$file") | | die "Can't open $file\n"; 

# Send the XML header and begin processing the file 
print $client '<?xml version=" 1 . 0 " ?> ' . "\r\n"; 

#Send tag to iLO firmware to insure properly formatted XML is returned, 
print Sclient '<LOCFG version="2.21">' . "\r\n"; 

• XML script modification 
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<!-- The bold line could be added for the return of properly formatted 
XML. — > 

<LOCFGversion="2.21"/> 

<RIBCL version="2 . 0"> 

•CLOGIN USER_LOGIN="Adminname" PASSWORD = "passwords 
< ! — 

Add XML script here. 

--> 

</LOGIN> 
</RIBCL> 

</LOCFG> 

Opening an SSL connection 

Perl scripts must open an SSL connection to the device's HTTPS port, by default port 443. For example: 

use Socket; 

use Net::SSLeay qw(die now die if ssl error); 

Net : : SSLeay : : load_error_st rings ( ) ; 

Net : : SSLeay : : SSLeay_add_ssl_algorithms ( ) ; 

Net : : SSLeay: : randomize ( ) ; 

# 

# opens an ssl connection to port 443 of the passed host 
# 

sub openSSLconnection ( $ ) 

{ 

my $host = shift; 

my ($ctx, $ssl, $sin, $ip, $nip) ; 

if (not $ip = inet_aton ( $host) ) 

{ 

print "$host is a DNS Name, performing lookup\n" if $debug; 

$ip = gethostbyname ($host) or die "ERROR: Host $hostname not 
found . \n" ; 

} 

$nip = inet_ntoa ( Sip) ; 

print STDERR "Connecting to $nip:443\n"; 
$sin = sockaddr_in (443, $ip) ; 

socket (S, &AF_INET, &SOCK_STREAM, 0) or die "ERROR: socket: $!"; 
connect (S, $sin) or die "connect: $!"; 

$ctx = Net: : SSLeay : :CTX_new() or die_now ( "ERROR : Failed to create 
SSL_CTX $ ! ") ; 

Net: :SSLeay: : CTX_set_options ($ctx, &Net: :SSLeay: :OP_ALL) ; 
die if ssl error ( "ERROR: ssl ctx set options"); 

$ssl = Net: :SSLeay: :new($ctx) or die_now ( "ERROR: Failed to create SSL 

$ ! " ) ; 
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Net: :SSLeay: : set_f d ($ssl, fileno (S) ) ; 

Net :: SSLeay :: connect ( $ssl ) and die if ssl error ( "ERROR : ssl connect") ; 
print STDERR 'SSL Connected '; 

print 'Using Cipher: ' . Net :: SSLeay :: get cipher($ssl) if Sdebug; 
print STDERR "\n\n"; 

return $ssl; 

} 

Sending the XML header and script body 

After the connection is established, the first line of script sent must be an XML document header, which 
tells the device's HTTPS web server that the following content is an XML script. The header must match the 
header used in the example exactly. After the header has been completely sent, the remainder of the 
script can be sent. In this example, the script is sent all at once. For example: 

# usage: sendscript (host, script) 

# sends the xmlscript script to host, returns reply 
sub sendscript ($$) 

{ 

my $host = shift; 
my $script = shift; 

my ($ssl, $reply, $lastreply, $res, $n) ; 
$ssl = openSSLconnection ( $host) ; 

# write header 

$n = Net :: SSLeay :: ssl_write_all ($ssl, '<?xml version="l . 0"?> ' . "\r\n") ; 
rint "Wrote $n\n" if $debug; 

# write script 

$n = Net :: SSLeay :: ssl_write_all ( $ssl , $script) ; 
print "Wrote $n\n$script\n" if $debug; 

$reply = ""; 
$lastreply = ""; 

READLOOP: 
while (1) 

{ 

$n++; 

$reply .= $lastreply; 

$lastreply = Net :: SSLeay :: read ($ssl) ; 
die_if_ssl_error ("ERROR: ssl read"); 
if ($lastreply eq "") 

{ 

sleep(2); # wait 2 sec for more text. 
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$lastreply = Net :: SSLeay :: read ($ssl) ; 
last READLOOP if ( $lastreply eq ""); 

} 

sleep(2); # wait 2 sec for more text. 
$lastreply = Net :: SSLeay :: read ( $ssl ) ; 
last READLOOP if ( $lastreply eq ""); 

} 

print "READ: $lastreply\n" if $debug; 

if ($lastreply =~ m/STATUS=" (Ox [0-9A-F] +) " [\s] +MESSAGE= 
'(.*)' [\s]+\/>[\s]* ( ( [\s] I . ) *?)<\/RIBCL>/) 

{ 

if($l eq "0x0000") 

{ 

print STDERR "$3\n" if $3; 

} 

else 

{ 

print STDERR "ERROR: STATUS: $1, MESSAGE: $2\n"; 

} 
} 

} 

$reply .= $lastreply; 
closeSSLconnection ($ssl) ; 
return $reply; 

} 

PERL scripts can also send a portion of the XML script, wait for the reply, and send more XML later. Using 
this technique, it is possible to use the reply produced by an earlier command as input to a later 
command. However, the PERL script must send data within a few seconds or the device will time out and 
disconnect. 

When using the XML scripting interface with PERL scripts, the following restrictions apply: 

• PERL scripts must send the XML header before sending the body of the script. 

• PERL scripts must provide script data fast enough to prevent the device from timing out. 

• Only one XML document is allowed per connection, which means one pair of RIBCL tags. 

• The device will not accept additional XML tags after a syntax error occurs. To send additional XML, 
a new connection must be established. 
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Virtual Media scripting 



Scripting Web server requirements 

Virtual Media scripting uses a media image that is stored and retrieved from a Web server accessible 
from the management network. The web server must be a HTTP 1 .1 compliant server that supports the 
Range header. Furthermore, for write access to the file, the Web server should support DAV and must 
support the Content-Range header for DAV transactions. If the Web server does not meet the requirements 
for DAV, a helper CGI program may be used. The Web server may optionally be configured for basic 
HTTP authentication SSL support, or both. 



Web Server 


Read 
Support 


Write 
Support 


Authorization 


SSL 

Support 


Microsoft® IIS 5.0 


Yes 


Yes* 


Not tested 


Not 
Tested 


Apache 


Yes 


Yes 


Yes 


Yes 


Apache/Win32 


Yes 


Yes 


Yes 


Yes 



*IIS does not support Content-Range for DAV transactions. A CGI helper program must be used for write support. 

Using virtual media scripting 

Virtual media scripting is a method for controlling virtual media devices without going through the 
browser. Scriptable virtual media supports insert, eject, and status commands for floppy, USB key, and 
CD/DVD-ROM images. 

Virtual media scripting enables you to use methods other than a browser to configure iLO 2 for virtual 
media use. iLO 2 can be configured remotely using CPQLOCFG XML commands, locally using 
HPONCFG XML commands, or locally using the HPLOVM utility that replaces the VFLOP utility from the 
SmartStart Scripting toolkit. 

NOTE: Virtual media scripting does not operate Virtual Media using the browser. Likewise, the 
browser does not support scripting capabilities. For example, a floppy disk mounted using the 
browser cannot later be dismounted using the scripting interface. 

The XML commands enable you to configure virtual media in the same manner as the virtual media 
applet. However, the actual image is located on a Web server on the same network as iLO 2. After the 
image location is configured, iLO 2 retrieves the virtual media data directly from the web server. 

NOTE: USB key drives must be used with the floppy keyword syntax. 



HPLOVM.EXE is a new scripting utility that enables you to script insert, eject, and set boot options for 
virtual media devices. HPLOVM is intended to be used in place of the VFLOP.exe utility, which is part of 
the SmartStart Scripting Toolkit. 
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Command line syntax: 

HPLOVM [-device <floppy | cdrom>] [-insert <url>] [-eject] [-wp <y | n>] 
[-boot <once | always | never>] [-mgmt <ilo | riloe>] [-ver] [-?] 



Command Line Input 


Result 


[-device <floppy | 
cdrom> ] 


Defines which virtual media device is active. 


[-insert <url>] 


Defines the location of the virtual media image 
to connect. 


[-ej ect] 


Ejects the media that is currently connected 
through the virtual media drive. The virtual 

iiieuiu uiive 15 bun LuiuieLieu, uui mu riieuiu 15 

present in the drive. 


[-wp <y | n>] 


Defines the write-protected status of the Virtual 
Floppy/USB key drive. This argument has no 

offo/-t /-in tho Virtunl fH POM rlrivo 
fc2llfc2CI UN lilt: VIIIUUI l\\*/lv\ (JMVfc:. 


[—boot *Conce | silwciys | 
never> ] 
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boot the target server. 


[-mgmt <ilo | riloe>] 


Defines which management processor is being 
used with LOVM utility. If RILOE is specified, 
the VFLOP.EXE utility is used. The default setting 
of this argument is iLO 2. 


[-ver] 


Displays the HPLOVM utility version. 


[-?] 


Displays help information. 



Using Virtual Media on Linux servers through an 
SSH connection 

1. Log in to the iLO 2 through SSH (SSH connection from another Linux system, using PuTTY from 
Windows®). 

2. Enter vm to display a list of commands available for Virtual Media. 

3. Enter vm floppy insert http : / /<address>/<image-name>. 

The image is available to boot from, but will not be seen by the operating system. (Boot options can 
be configured with vm floppy set <option>, the options are boot_once, boot_always, and 
no_boot.) Boot options from a USB key drive are only valid on servers with ProLiant USB key drive 
support. 

4. Enter vm floppy set connect to make the floppy or key drive available to the operating 
system. 

5. Enter vm floppy get to display the current status. For example: 

VM Applet = Disconnected 
Boot Option = BOOT_ONCE 
Write Protect = Yes 
Image Inserted = Connected 

The status of the Virtual Media applet is always disconnected, unless a Virtual Floppy/USBKey or 
CD-ROM is connected through the graphical iLO 2 interface. 
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The Virtual Floppy/USBKey can be disconnected using the vm floppy set disconnect or vm 
floppy eject commands. To connect or disconnect a Virtual CD-ROM, use cdrom instead of 
floppy. 

The link to the Virtual Floppy/USBKey or CD-ROM image must be a URL. It is not possible to specify a 
drive letter. The CD-ROM image should be in .iso format. The floppy image can be created from a 
physical floppy by using rawrite or the image creation tool included with the Virtual Media applet in 
the graphical iLO 2 interface. 

Mounting Virtual Media on the Linux server: 

1. Use lsmod to check that the following modules are loaded: 
o usbcore 

o usb-storage 
o usb-ohci 
o sd_mod 

If any of the modules are missing, use modprobe <module> to load them. 

2. Mount the drive using one of following: 

o mount /dev/sda /mnt/f loppy -t vfat— Mounts a virtual floppy. 

o mount /dev/sdal /mnt/keydrive— Mounts a virtual USB key drive. 

o mount /dev/cdroml /mnt/cdrom— Mounts a virtual CD-ROM on a Red Hat system. (Use 
/dev/cdrom if the server does not have a locally attached CD-ROM drive.) 

o mount /dev/scdO /mnt/cdrom— Mounts a virtual CD-ROM on a SUSE system. 

Virtual media image files 

Valid diskette images may be raw disk images, produced by the iLO 2 Virtual Media applet, the UNIX® 
utility dd, the DOS utility rawrite, or images created by the CPQIMAGE utility. CD-ROM images must be 
ISO-9660 file system images. No other type of CD-ROM images are supported. 

The images created by the Virtual Media applet are raw disk images in the case of diskettes and ISO- 
9660 images in the case of CD-ROMs. Many CD-ROM burning utilities can create ISO-9660 images. 
Refer to the documentation of your utility for additional information. 

CGI helper application 

The following perl script is an example of a CGI helper application that allows diskette writes on Web 
servers that cannot perform partial writes. When using the helper application, the iLO 2 firmware posts a 
request to this application with three parameters: 

• The file parameter contains the name of the file provided in the original URL. 

• The range parameter contains an inclusive range (in hexadecimal) designating where to write the 
data. 

• The data parameter contains a hexadecimal string representing the data to be written. 

The helper script must transform the file parameter into a path relative to its working directory. This 
function might involve prefixing it with "../," or it might involve transforming an aliased URL path into the 
true path on the file system. The helper script requires write access to the target file. Diskette image files 
must have the appropriate permissions. 
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Example: 

# ! /usr/bin/perl 

use CGI; 
use Fcntl; 

# 

# The prefix is used to get from the current working 

# directory to the location of the image file# 
my ($prefix) = ".."; 

my (Sstart, $end, $len, $decode) ; 

# Get CGI data 

my $q = new CGI(); 

# Get file to be written 

my $file = $q->param ( ' f ile ' ) ; 

# Byte range 

$range = $q->param (' range ') ; 

# And the data 

my $data = $q->param ( ' data ' ) ; 
# 

# Change the filename appropriately 
# 

$file = $prefix . "/" . $file; 
# 

# Decode the range 
# 

if ($range =~ m/ ( [0-9A-Fa-f ] +) - ( [0-9A-Fa-f ] +) /) { 
$start = hex($l); 
$end = hex ( $2 ) ; 
$len = $end - $start + 1; 

} 
# 

# Decode the data (it's a big hex string) 
# 

$decode = pack("H*", $data) ; 
# 

# Write it to the target file 
# 

sysopen(F, $file, 0_RDWR) ; 
binmode (F) ; 

sysseek(F, $start, SEEK_SET) ; 
syswrite(F, $decode, $len) ; 
close ( F ) ; 

Setting up IIS for scripted virtual media 

Before setting up IIS for scripted media, make sure IIS is operational. Use Internet Information Services 
(IIS) Manager to set up a simple website and verify that it is working correctly by browsing to the site. 

1. Configure IIS to serve diskette or ISO-9660 CD-ROM images for read-only access. 

a. Add a directory to your website and place your images in the directory. 
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b. Verify that IIS can access the MIME type for the files you are serving. For example, if you name 
your diskette images with the extension .img, you must add a MIME type for that extension. Use 
the IIS manager to access the Properties dialog of your website. On the HTTP Headers tab, click 
MIME Types to add additional MIME types. 

HP recommends you add the following types: 

.img— application/octet-stream 

.iso— application/ octet-stream 

2. Configure IIS for read/write access. 

a. Install Perl (if necessary). 

b. Create a directory on your web site to hold the virtual media helper script, and copy the script to 
that location. 

c. Using the properties page for your directory, under Application Settings, click Create to create 
an application directory. 

The icon for you directory in IIS manager should change from a folder to a gear. 

d. Set Execute Permissions to Scripts Only. 

e. Verify that Perl is set up as a script interpreter. Click Configuration on the properties page to 

view the application associations. Perl should be configured as pi c: \perl\bin\perl . exe 
"%s" %s GET, HEAD, POST . 

f. Verify your Web Service Extensions allows Perl scripts to execute. If not, click Web Service 
Extensions and set Perl CGI Extension to Allowed. 

g. Verify the prefix variable in the helper script is set correctly. 
Additional information: 

The basic format for the XML insert command is: 

<INSERT_VIRTUAL_MEDIA DEVICE=" device" 
IMAGE_URL="http : / / servername/path/ to/ file"/> 

• The device field can be either FLOPPY or CDROM. 

• The IMAGE URL can be either an http or https URL to a diskette or CD ROM image. 

The basic format of the URL is protocol : / / user: password@servername : port /path, helper- 
script where: 

• protocol is mandatory and can be either http or https. 

• user : password portion is optional. When present, http basic authorization is used. 

• servername is mandatory and is either the hostname or IP address of the web server. 

• port is optional and specifies a web server on a non-standard port. 

• path is mandatory and refers to the image file being accessed. 

• helper-script is optional and refers to the location of the helper script on IIS web servers. 
Helper script: 

The following Perl script is a sample CGI helper script: 

# ! /usr/bin/perl 

use CGI; 
use Fcntl; 
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# 

# The prefix is used to get from the current working directory 

# to the location of the image file you are writing 
# 

my ($prefix) = "c : /inetpub/wwwroot" ; 
my ($start, $end, $len, $decode) ; 

my $q = new CGI(); # Get CGI data 

my $file = $q->param ( ' f ile ' ) ; # File to be written 

my $range = $q->param (' range ') ; # Byte range to be written 

my $data = $q->param ( ' data ' ) ; # Data to be written 

# 

# Merges the filename correctly 
# 

$file = $prefix . "/" . $file; 
# 

# Decode the range 
# 

if ($range =~ m/ ( [0-9A-Fa-f ] +) - ( [0-9A-Fa-f ] +) /) { 
$start = hex($l); 
$end = hex ($2) ; 
$len = $end - $start + 1; 

} 
# 

# Decode the data (a large hex string) 
# 

$decode = pack("H*", $data) ; 
# 

# Write it to the target file 
# 

sysopen(F, $file, 0_RDWR) ; 
binmode (F) ; 

sysseek(F, $start, SEEK_SET) ; 
syswrite(F, $decode, $len) ; 
close (F) ; 

print "Content-Length: 0\r\n"; 
print "\r\n"; 
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HPONCFG online configuration utility 



HPONCFG 



The HPONCFG utility is an online configuration tool used to set up and configure the iLO, iLO 2, and 
RILOE II from within Windows® and Linux operating systems without requiring a reboot of the server 
operating system. The utility runs in a command line mode and must be executed from an operating 
system command line using an account with administrator or root access. The HPONCFG utility also 
provides a limited graphical interface for servers that use Windows operating systems. 



HPONCFG supported operating systems 



• Windows 

o Windows Server® 2003 
o Windows Server® 2008 

• RedHat Linux 

o Red Hat Linux Enterprise Linux 3 
o Red Hat Linux Enterprise Linux 4 
o Red Hat Linux Enterprise Linux 5 

• SUSE Linux 

o SUSE Linux Enterprise Server 9 
o SUSE Linux Enterprise Server 10 
o SUSE Linux Enterprise Server 1 1 



• Windows-based servers— The iLO Management Interface Driver must be loaded on the server. The 
SmartStart operating system installation process normally installs this driver. During execution, 
HPONCFG issues a warning if it cannot locate the driver. If the driver is not installed, you must 
download and install the driver on the server. You can download the driver from the HP website 
( http://h20000.www2.hp.com/bizsupport/TechSupport/Softwarelndex. jsp?lanq=en&cc=us&prod 
Nameld=l 1 35772&prodTypeld=l 8964&prodSeriesld=l 1 46658&swLanq=8&taskld=l 35&swEnv 
OID=1005#1 13213) . 

• Linux-based servers— The iLO Management interface driver (hpilo) must be loaded on the server and 
the health driver package (hp-health rpm) must be installed. The SmartStart operating system 
installation process normally installs this driver. If the driver is not installed, you must download and 
install the driver on the server. You can download the driver from the HP website 
( http://h20000.www2.hp.com/bizsupport/TechSupport/DriverDownload.jsp?prodNameld=l 1 357 
72&lanq=en&cc=us&taskld= 1 35&prodTypeld= 1 8964&prodSeriesld= 1 1 46658) 



HPONCFG 
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Installing HPONCFG 

The HPONCFG utility is delivered in separate packages for Windows® and Linux operating systems. For 
Windows® operating systems, it is included as a smart component. For Linux operating systems, it is 
included as an RPM package file. HPONCFG packages are included in the ProLiant Support Pack. 

Windows server installation 

HPONCFG installs automatically when the ProLiant Support Pack is installed. To install HPONCFG 
manually, run the self-extracting executable. HPONCFG creates a directory at %Program 
f iles%\HP\hponcfg. 

Linux server installation 

HPONCFG is installed automatically when ProLiant Support Pack is installed. The rpm of HPONCFG for 

Linux distributions can be downloaded from the HP website 

( http://h20000.www2. hp.com/bizsupport/TechSu pport/DriverDownload.jsp?prodNameld=l 1 35772&I 
anq=en&cc=us&taskld= 1 35&prodClassld=- 1 &prodTypeld= 1 8964&prodSeriesld= 1 1 46658) . 

Install the appropriate package using the rpm installation utility. For example, for a package installation, 
you can install hponcfg rpm on Red Hat Enterprise Linux 3 by entering the following command: 

rpm -ivh hponcf g-1 . 9 . 0-3 . linux . rpm 

If an older version of the hponcfg RPM package is installed on the system, run the following command to 
remove the older version before installing the new version of HPONCFG: 

rpm -e hponcfg 

The iLO or RILOE II driver (hp-ilo or hprsm) rpm package and the hp-health rpm package must be installed 
on the system before installing the hponcfg rpm package. 

After installation, the HPONCFG executable is located in the /sbin directory. Be sure that the appropriate 
Management Interface Driver is installed. See the section, "HPONCFG requirements (on page 61 )" for 
details about where to obtain this driver and file. 

HPONCFG utility 

The HPONCFG configuration utility reads an XML input file, formatted according to the rules of the RIBCL 
language, and produces a log file containing the requested output. A few sample scripts are included in 
the HPONCFG delivery package. A package containing various and comprehensive sample scripts is 
available for download on the HP website 

( http://h20000.www2.hp.com/bizsuppo rt/TechSupport/Softwarelndex.jsp?lang=en&cc=us&prodNamel 
d=l 1 35772&prodTypeld=l 8964&prodSeriesld=l 146658&swLang=8&taskld=l 35&swEnvOID=1005# 
113213) . 

Typical usage is to select a script that is similar to the desired functionality and modify it for your exact 
requirements. Although no authentication to iLO, iLO 2, or RILOE II is required, the XML syntax requires 
that the USERJ.OGIN and PASSWORD tags are present in the LOGIN tag, and that these fields contain 
data. Any data is accepted in these fields. To successfully execute HPONCFG, the utility must be invoked 
as Administrator on Windows® servers and as root on Linux servers. HPONCFG returns an error 
message, if you do not possess sufficient privileges. 
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HPONCFG command line parameters 

HPONCFG accepts the following command line parameters: 

• /help or ?— Displays the help page. 

• /reset— Resets the RILOE II, iLO, or iLO 2 to factory default values. 

• /f <filename>— Sets and receives the RILOE II, iLO, or iLO 2 configuration from the information 
given in the XML input file that has name filename. 

• /i <filename>— Sets and receives RILOE II, iLO or iL02 configuration from XML input received 
through the standard input stream. 

• /w <filename>— Writes the RILOE II, iLO, or iLO 2 configuration obtained from the device to the 
XML output file that has the name filename. 

• /I <filename>— Logs replies to the text log file that has name filename. 

• /s <namevaluepairs> or /substitute <namevaluepairs>— Substitutes variables present in the input 
config file with values specified in <namevaluepairs>. 

• /gethostinfo— Receives the host information. Returns the server name and server serial number. 

• /m— Indicates the minimum firmware level that should be present in the management device to 
execute the RIBCL script. If at least this level of firmware is not present, HPONCFG returns an error 
without performing any additional action. 

• /mouse— Configures the server for optimized mouse handling to improve graphical remote console 
performance. By default, it optimizes for remote console single cursor mode for the current user. The 
dualcursor command line option, along with the mouse option, optimizes mouse handling as 
suited for remote console dual-cursor mode. The allusers command line option optimizes mouse 
handling for all users on the system. This option is available only for Windows®. 

• /display— Configures Windows® display parameters to optimize graphical remote console display 
performance. 

The options must be preceded by a / (slash) for Windows® and Linux as specified in the usage string. 

Example HPONCFG command line: 

HPONCFG /f add_user.xml /l log.txt > output.txt 

Using HPONCFG on Windows servers 

Start the HPONCFG configuration utility from the command line. When using Windows®, cmd.exe is 
available by selecting Start>Run>cmd. HPONCFG displays a usage page if HPONCFG is entered with 
no command line parameters. HPONCFG accepts a correctly formatted XML script. For more information 
about formatting XML scripts, see "Using RIBCL (on page 70)." HPONCFG sample scripts are included in 
the HPONCFG package. 

The command line format is: 

HPONCFG [ /help / ? | / m f irmwarelevel | /reset [/m f irmwarelevel ] 
If. filename [/l filename] [/s namevaluepairs ] 

[/xmlverbose or /v] [/m f irmwarelevel ] 

/i [/l filename] [/s namevaluepairs] 

[/xmlverbose or /v] [/m f irmwarelevel ] 

/w filename [/m f irmwarelevel ] 

/get hostinfo [/m f irmwarelevel ] 
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/mouse [ /dualcursor ] [/allusers] ] 

For more information on using these parameters, see "HPONCFG command line parameters (on page 
63)." 

Using HPONCFG on Linux servers 

Invoke the HPONCFG configuration utility from the command line. HPONCFG displays a usage page if it 
is entered with no command line parameters. 

The command line format is: 



hponcf g 


- 7 




hponcf g 


-h 




hponcf g 


-m 


minFw 


hponcf g 


-r 


[-m minFw ] 


hponcf g 


-w 


filename [-m minFw] 


hponcf g 


-g 


[-m minFw] 


hponcf g 


-f 


filename [-1 filename] [-s namevaluepairs ] [-v] 


hponcf g 


-i 


]-l filename] [-s namevaluepairs] [-v] [-m minFw 



For more information on using these parameters, see "HPONCFG command line parameters (on page 
63)." 

Obtaining the basic configuration 

You can use HPONCFG to obtain a basic configuration from RILOE II, iLO, or iLO 2 by executing the 
utility from the command line without specifying an input file. You must provide the name of the output file 
on the command line. For example: 

HPONCFG /w config.xml 

In this example, the utility indicates that it obtained the data successfully and wrote the data to the output 
file. The following is a typical example of the contents of the output file: 

<! — HPONCFG VERSION = "1.2" — > 
<!-- Generated 07/06/05 09:06:51 — > 
<RIBCL VERSION="2 . 1"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<DIR_INFO MODE="write"> 

<MOD_DIR_CONFIG> 

<DIR_AUTHENTICATION_ENABLED VALUE = "N"/> 
<DIR_LOCAL_USER_ACCT VALUE = "Y"/> 
<DIR_SERVER_ADDRESS VALUE = ""/> 
<DIR_SERVER_PORT VALUE = "636"/> 
<DIR_OBJECT_DN VALUE = ""/> 
<DIR_OBJECT_PASSWORD VALUE = ""/> 
<DIR_USER_CONTEXT_l VALUE = ""/> 
<DIR_USER_CONTEXT_2 VALUE = ""/> 
<DIR_USER_CONTEXT_3 VALUE = ""/> 
</MOD_DIR_CONFIG> 
</DIR_INFO> 

<RIB_INFO MODE="write"> 
<MOD_NETWORK_SETTINGS> 
<SPEED_AUTOSELECT VALUE = "Y"/> 
<NIC_SPEED VALUE = "100"/> 
<FULL_DUPLEX VALUE = "Y"/> 
<DHCP_ENABLE VALUE = "Y"/> 
<DHCP_GATEWAY VALUE = "Y"/> 
<DHCP_DNS_SERVER VALUE = "Y"/> 
<DHCP STATIC ROUTE VALUE = "Y"/> 
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<DHCP_WINS_SERVER VALUE = "Y"/> 
<REG_WINS_SERVER VALUE = "N"/> 
<IP_ADDRESS VALUE = " 1 6 . 1 0 0 . 2 4 1 . 22 9 " /> 
<SUBNET_MASK VALUE = "2 55 . 2 55 . 2 52 . 0 " /> 
<GATEWAY_IP_ADDRESS VALUE = "16.100.240.1"/> 
<DNS_NAME VALUE = " IL0D2 34KJ4 4D0 0 2 " /> 
<DOMAIN_NAME VALUE = "americas . cpqcorp . net" /> 
<PRIM_DNS_SERVER value = "16 . 81 . 3 . 242"/> 
<SEC_DNS_SERVER value = "0.0.0.0"/> 
<TER_DNS_SERVER value = "0.0.0.0"/> 
<PRIM_WINS_SERVER value = "16 . 81 . 3 . 247 "/> 
<SEC_WINS_SERVER value = "0.0.0.0"/> 

<STATIC_R0UTE_1 DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

<STATIC_ROUTE_2 DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

<STATIC_ROUTE_3 DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

</MOD_NETWORK_SETTINGS> 

<USER_INFO MODE="write"> 

<ADD_USER 

USER_NAME = "Usernamel" 

USER_LOGIN = "Userl" 

PASSWORD = "%user_password%"> 
<ADMIN_PRIV value = "N"/> 
<REMOTE_CONS_PRIV value = "Y"/> 
<RESET_SERVER_PRIV value = "N"/> 
<VIRTUAL_MEDIA_PRIV value = "N"/> 
<CONFIG_ILO_PRIV value = "N"/> 
</ADD_USER> 
</USER_INFO> 
</LOGIN> 
</RIBCL> 

For security reasons, user passwords are not returned. 

ining a specific configuration 

A specific configuration can be obtained using the appropriate XML input file. For example, the follow 
is the contents of a typical XML input file, get global . xml: 

< ! — Sample file for Get Global command --> 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="x" PASSWORD="x"> 

<RIB_INFO MODE="read"> 

<GET_GLOBAL_SETTINGS /> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

The XML commands are read from the input file get global .xml and are processed by the device: 

HPONCFG /f get_global .xml /l log.txt > output.txt 

The requested information is returned in the log file, which, in this example, is named log.txt. 
<GET_GLOBAL_SETTINGS> 

<SESSION_TIMEOUT VALUE="15"/> 

<ILO_FUNCT_ENABLED VALUE="Y"/> 

<F8 PROMPT ENABLED VALUE="Y"/> 
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<F8_L0GIN_REQUIRED VALUE="N"/> 
<TELNET_ENABLE VALUE="N"/> 
<PASSTHROUGH_CONFIG VALUE=" 1 " /> 
<HTTPS_PORT VALUE="443"/> 
<HTTP_PORT VALUE="80"/> 
<REMOTE_CONSOLE_PORT VALUE=" 2 3 " / > 
<TERMINAL_SERVICES_PORT VALUE=" 33 8 9 " /> 
<V I RTUAL_ME D I A_PORT VALUE=" 17988 "/> 
<SSH_PORT VALUE="22"/> 
<SSH_STATUS VALUE="Y"/> 

<SERIAL_CLI_STATUS VALUE="Enabled-Authentication Required"/> 
<SERIAL_CLI_SPEED VALUE=" 9 6 0 0 " /> 
<MIN_PASSWORD VALUE="8"/> 

<AUTHENT I CAT I ON_FAI LURE_LOGG ING VALUE="Enabled-every 3rd failure" /> 
<REMOTE_KEYBOARD_MODEL VALUE="US"/> 
<RBSU_POST_IP VALUE="Y"/> 

<HIGH_PERFORMANCE_MOUSE VALUE="Automatic"> 

<REMOTE_CONSOLE_ACQUIRE VALUE="N" /> 
</GET_GLOBAL_SETTINGS> 

Setting a configuration 

You can set a specific configuration by using the command format: 

HPONCFG /f add_user.xml /l log.txt 

In this example, the input file has contents: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="x" PASSWORD="x"> 
<USER_INFO MODE="write"> 

<ADD_USER 

USER_NAME="Landy9" 

USER_L0GIN="mandy8 " 

PASSWORD="f loppyshoes"> 

<ADMIN_PRIV value ="No"/> 

<REMOTE_CONS_PRIV value ="Yes"/> 

<RESET_SERVER_PRIV value ="No"/> 

<VIRTUAL_MEDIA_PRIV value ="No"/> 

<CONFIG_ILO_PRIV value=" Yes " /> 

</ADD_USER> 
</USER_INFO> 
</LOGIN> 
</RIBCL> 

The specified user is added to the device. 
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Using variable substitution 

HPONCFG version 1 .2 and greater enables you to specify variables in the XML RIBCL script and to 
assign values to those variables when HPONCFG is executed. This feature helps to avoid rewriting the 
XML script file every time with different values. Anything enclosed by two '%' characters in the XML file is 
considered a variable. 

Example 1 : In this example, %username%, %loginname%, and %password% are variables. 

<!-- Add user with minimal privileges to test default setting of 
assigned privileges to 'N' --> 
<RIBCL version="l .2"> 

<LOGIN USER_LOGIN="x" PASSWORD="x"> 

<USER_INFO MODE="write"> 

<ADD_USER USER_NAME="%username%" USER_LOGIN="%loginname%" 
PASSWORD="%password%"> 

<RESET_SERVER_PRIV value="Y" /> 

<ADMIN_PRIV value="Y" /> 

</ADD_USER> 

</USER_INFO> 
</LOGIN> 
</RIBCL> 

You can specify values for these variables at execution time using the substitute option. The argument must 
be a string or variable name and value pairs separated by delimiter ',' (comma). The variable name and 
its value must be separated by an equal sign (=). 

HPONCFG /f add_user.xml /s username="test 
user" , login=" test login" , password=testpasswd 

Example 2: In this example, %host_power% is a variable. 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<SERVER_INFO MODE="write"> 

<!-- Modify the HOST_POWER attribute to toggle power on the host server 
--> 

<!-- HOST_POWER="No" (Turns host server power off) --> 

< ! — A graceful shutdown will be attempted for ACPI-aware --> 

< ! — operating systems configured to support graceful shutdown. --> 

<!-- HOST_POWER="Yes" (Turns host server power on) --> 

<SET_HOST_POWER HOST_POWER=" %host_power% " /> 

</SERVER_INFO> 

</LOGIN> 

</RIBCL> 

• To power on the system, enter HPONCFG /f Set_Host_Power . xml /s host_power=YES . 

• To power off the system, enter HPONCFG /f Set_Host_Power . xml /s host_power=NO . 

Capturing and restoring a configuration 

You can use HPONCFG to capture basic configuration information in an XML readable file format and 
use the file to set or restore the configuration of the management processor. This feature is available with 
HPONCFG version 1 .2 and greater which writes the configuration information in HP RIBCL format. 

• To capture a configuration, you must specify the name and location of the output file on the 

command line. For example: 

HPONCFG /w config.xml 
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The utility displays a message when it successfully writes the configuration information to the output 
file as requested. The following is an example of the contents of the output file: 

<! — HPONCFG VERSION = "1.2" — > 
<!-- Generated 07/06/05 09:06:51 — > 
<RIBCL VERSION="2 . 1"> 

<LOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<DIR_INFO MODE="write"> 

<MOD_DIR_CONFIG> 

<DIR_AUTHENTICATION_ENABLED VALUE = "N"/> 

<DIR_LOCAL_USER_ACCT VALUE = "Y"/> 

<DIR_SERVER_ADDRESS VALUE = ""/> 

<DIR_SERVER_PORT VALUE = "636"/> 

<DIR_OBJECT_DN VALUE = ""/> 

<DIR_OBJECT_PASSWORD VALUE = ""/> 

<DIR_USER_CONTEXT_l VALUE = ""/> 

<DIR_USER_CONTEXT_2 VALUE = ""/> 

<DIR_USER_CONTEXT_3 VALUE = ""/> 

</MOD_DIR_CONFIG> 
</DIR_INFO> 

<RIB_INFO MODE="write"> 
<MOD_NETWORK_SETTINGS> 

<SPEED_AUTOSELECT VALUE = "Y"/> 
<NIC_SPEED VALUE = "100"/> 
<FULL_DUPLEX VALUE = "Y"/> 
<DHCP_ENABLE VALUE = "Y"/> 
<DHCP_GATEWAY VALUE = "Y"/> 
<DHCP_DNS_SERVER VALUE = "Y"/> 
<DHCP_STATIC_ROUTE VALUE = "Y"/> 
<DHCP_WINS_SERVER VALUE = "Y"/> 
<REG_WINS_SERVER VALUE = "N"/> 
<IP_ADDRESS VALUE = " 1 6 . 1 0 0 . 2 4 1 . 22 9 " /> 
<SUBNET_MASK VALUE = "2 55 . 2 55 . 2 52 . 0 " /> 
<GATEWAY_IP_ADDRESS VALUE = "16 . 100 . 240 . l"/> 
<DNS_NAME VALUE = " ILOD2 34KJ4 4D0 02 " /> 
<DOMAIN_NAME VALUE = "americas . cpqcorp . net" /> 
<PRIM_DNS_SERVER value = "16 . 81 . 3 . 242"/> 
<SEC_DNS_SERVER value = "0.0.0.0"/> 
<TER_DNS_SERVER value = "0.0.0.0"/> 
<PRIM_WINS_SERVER value = "16 . 81 . 3 . 247"/> 
<SEC_WINS_SERVER value = "0.0.0.0"/> 

<STATIC_ROUTE_l DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

<STATIC_ROUTE_2 DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

<STATIC_ROUTE_3 DEST = "0.0.0.0" GATEWAY = "0.0.0.0"/> 

</MOD_NETWORK_SETTINGS> 
<USER_INFO MODE="write"> 

<ADD USER 
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USER_NAME = "Usernamel" 

USER_LOGIN = "Userl" 

PASSWORD = "%user_password%"> 

<ADMIN_PRIV value = "N"/> 

<REMOTE_CONS_PRIV value = "Y"/> 

<RESET_SERVER_PRIV value = "N"/> 

<VIRTUAL_MEDIA_PRIV value = "N"/> 

<CONFIG_ILO_PRIV value = "N"/> 

</ADD_USER> 
</USER_INFO> 
</LOGIN> 
</RIBCL> 

The default user Administrator and user passwords are not captured in the configuration file or 
returned in the response for security reasons. A variable is provided in its place which you can use 
with the substitute option to provide a default password for all users when restoring a configuration. 
You can also manually change the password before using the file to restore the configuration. 

• To restore the configuration, the file must be sent to HPONCFG as input to the "/f" or "-f" option. 
You can add a default password for all the users using the substitute or s option. For example: 

HPONCFG /f config.xml /s user password=password 
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Using RIBCL 



Overview of the RIBCL 

RIBCL enables you to write XML scripts to configure and manage iLO 2 configuration settings, user 
accounts, directory settings, server settings, and HP SIM SSO settings. You can download sample scripts 
for all iLO 2 commands described in this section from the HP website ( http:/ / www.hp.com/ servers/lights- 
out ). Before using the XML sample scripts downloaded from the HP website, read the firmware support 
information in each sample script to tailor the script for the intended firmware and version. 

When writing your XML scripts, do write comments in the command. If a comment falls in the command 
line, an error message is generated. Unless otherwise specified, examples in this guide are specifically for 
iLO 2 firmware version 1.10 and later. 

The "Using RIBCL" section describes the XML commands and their parameters common to most LOM 
products and servers. For more information about the ProLiant BL p-class server and rack XML commands, 
see the HP Integrated Lights-Out 2 User Guide. 

XML header 

The XML header ensures the connection is an XML connection, not an HTTP connection. The XML header 
is built into the cpqlocfg utility and has the following format: 

<?xml version="l . 0"?> 

Data types 

The three data types that are allowed in the parameter are: 

• String 

• Specific string 

• Boolean string 

String 

A string is any text enclosed in quotes. It can include spaces, numbers, or any printable character. A 
string may start with either a double or single quote and it must end with the same type of quote. The 
string may contain a quote if it is different from the string delimiter quotes. 

For example, if a string is started with a double quote, a single quote can be used within the string and 
the string must be closed with a double quote. 

Specific string 

A specific string is one that is required to contain certain characters. In general, you have a choice of 
words that are accepted as correct syntax and all other words produce an error. 
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Boolean string 

A Boolean string is a specific string that specifies a "yes" or "no" condition. Acceptable Boolean strings 
are "yes," "y," "no," "n," "true," "t," "false," and "f," These strings are not case sensitive. 



Response definitions 

Every command that is sent to the iLO 2 generates a response. The response indicates whether the 
command succeeded or failed. Some commands generate additional information. The additional 
information is displayed in execution sequence, provided no errors occurred. 

Example: 

<RESPONSE 

STATUS="0x0001" 

MSG="There has been a severe error." 

/> 

• RESPONSE 

This tag name indicates that the iLO 2 is sending a response to the previous commands back to the 
client application to indicate the success or failure of the commands that have been sent to the iLO 2. 

• STATUS 

This parameter contains an error number. The number 0x0000 indicates that there is no error. 

• MSG 

This element contains a message describing the error that happened. If no error occurred, the 
message No error appears. 



RIBCL 

This command is used to start and end an RIBCL session. You can use it only once to start an RIBCL 
session, and it must be the first command to display in the script. The RIBCL tags are required to mark the 
beginning and the end of the RIBCL document. 

Example: 

<RIBCL VERSION="2 . 0"> 
</RIBCL> 



RIBCL parameters 

VERSION is a string that indicates the version of the RIBCL that the client application is expecting to use. 
The VERSION string is compared to the version of the RIBCL that is expected, and an error is returned if 
the string and the version do not match. The preferred value for the VERSION parameter is "2.0." The 
VERSION parameter is no longer checked for an exact match; however, this parameter can never be 
blank. 

RIBCL runtime errors 

The possible RIBCL error messages include: 
Version must not be blank. 
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LOGIN 



The LOGIN command provides the information that is used to authenticate the user whose permission 
level will be used when performing RIBCL actions. The specified user must have a valid account on the 
respective iLO 2 to execute RIBCL commands. The user's privileges are checked against the required 
privilege for a particular command, and an error is returned if the privilege level does not match. 

Example: 

•CLOGIN USER_LOGIN="username" PASSWORD="password"> 
</LOGIN> 

Alternatively, the CPQLOCFG utility can specify the login information as parameters on its command line: 

cpqlocfg -u <username> -p <password> 

When using this format, the utility returns an Overriding credentials warning message but still 
shows the error log message entry as Login name must not be blank. 

LOGIN parameters 

USER LOGIN is the login name of the user account. This parameter is case sensitive and must never be 
blank. 

PASSWORD is the password associated with the user. This parameter is case sensitive and can be a 
combination of any printable characters. 

LOGIN runtime errors 

The possible runtime error messages include: 

• User login name was not found. 

• Password must not be blank. 

• Logged-in user does not have required privilege for this command. 

USERJNFO 

The USERJNFO command can only appear within a LOGIN command block. When the command is 
parsed, it reads the local user information database into memory and prepares to edit it. Only commands 
that are USERJNFO type commands are valid inside the USERJNFO command block. The USERJNFO 
command generates a response that indicates to the host application whether the database was 
successfully read or not. If database is open for writing by another application, then this call will fail. 

USERJNFO requires the MODE parameter with a value of read or write. MODE is a specific string 
parameter with a maximum length of 10 characters that specifies what you intend to do with the 
information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. 

Example: 

<USER_INFO MODE="write"> 

USER_INFO commands 

•C/USER INFO 
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ADDJJSER 

The ADD_USER command is used to add a local user account. The USER_NAME and USERJOGIN 
parameters must not exist in the current user database. Use the MOD USER command to change an 
existing user's information. For this command to parse correctly, the command must appear within a 
USERJNFO command block, and USERJNFO MODE must be set to write. The user must have the 
administrative privilege. 

All of the attributes that pertain to the user are set using the following parameters. 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="loginname" PASSWORD="password"> 

<USER_INFO MODE="write"> 

<ADD_USER 

USER_NAME="User" 

USER_LOGIN="username" PASSWORD="password"> 

<ADMIN_PRIV value ="No"/> 

<REMOTE_CONS_PRIV value ="Yes"/> 

<RESET_SERVER_PRIV value ="No"/> 

<VIRTUAL_MEDIA_PRIV value ="No"/> 

<CONFIG_ILO_PRIV value ="No"/> 

</ADD_USER> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

ADDJJSER parameters 

USER NAME is the actual name of the user. This parameter can be a combination of any printable 
characters up to a maximum length of 39 characters. This parameter is case sensitive and must never be 
blank. 

USER LOGIN is the name used to gain access to the respective iLO 2. This parameter can be a 
combination of any printable characters up to a maximum length of 39 characters. This parameter is case 
sensitive and must never be blank. 

PASSWORD is the password associated with the user. This parameter is case sensitive and can be a 
combination of any printable characters. The length is user defined and can be a minimum of zero 
characters and a maximum of 39 characters. The minimum length is defined in the iLO 2 Global Settings 
and has a default value of eight characters. 

ADMINPRIV is a Boolean parameter that allows the user to administer user accounts. The user can 
modify their account settings, modify other user account settings, add users, and delete users. Omitting 
this parameter prevents the user from adding, deleting, or configuring user accounts. 

REMOTE_CONS_PRIV is a Boolean parameter that gives permission for the user to access the Remote 
Console functionality. This parameter is optional, and the Boolean string must be set to "Yes" if the user 
should have this privilege. If this parameter is used, the Boolean string value must never be left blank. 
Omitting this parameter denies the user access to Remote Console functionality. 

RESET SERVER PRIV is a Boolean parameter that gives the user permission to remotely manipulate the 
server power setting. This parameter is optional, and the Boolean string must be set to "Yes" if the user 
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should have this privilege. If this parameter is used, the Boolean string value must never be left blank. 
Omitting this parameter prevents the user from manipulating the server power settings. 

VIRTUAL MEDIA PRIV is a Boolean parameter that gives the user permission to access the virtual media 
functionality. This parameter is optional, and the Boolean string must be set to "Yes" if the user should 
have this privilege. If this parameter is used, the Boolean string value must never be left blank. Omitting 
this parameter denies the user virtual media privileges. 

CONFIG_ILO_PRIV is a Boolean parameter that allows the user to configure iLO settings. This privilege 
includes network settings, global settings, Insight Manager settings, and SNMP settings. This parameter is 
optional, and the Boolean string must be set to "Yes" if the user should have this privilege. If this 
parameter is used, the Boolean string value must never be blank. Omitting this parameter prevents the 
user from manipulating the current iLO 2 configuration. 

The following parameters are not applicable to a user's privileges in the iLO firmware versions 1 .40 and 
higher and iLO 2 firmware versions 1 . 1 x and higher. The parameters will parse correctly, but user 
privileges will not be affected. 

VIEW_LOGS_PRIV is a Boolean parameter that gives the user permission to view the iLO 2 system logs. 
This parameter is optional, and the Boolean string must be set to "Yes" if the user should be allowed to 
view logs. If this parameter is used, the Boolean string value must never be blank. 

CLEAR_LOGS_PRIV is a Boolean parameter that gives the user permission to clear the event log. This 
parameter is optional, and the Boolean string must be set to "Yes" if the user should be allowed to clear 
the iLO 2 event log. If this parameter is used, the Boolean string value must never be blank. 

EMS_PRIV is a Boolean parameter that gives the user permission to use the Windows® Server 2003 EMS 
service. This parameter is optional, and the Boolean string must be set to "Yes" if the user should be 
allowed to use EMS services. If this parameter is used, the Boolean string value must never be blank. 

UPDATE_ILO_PRIV is a Boolean parameter that allows the user to copy a new firmware image into the 
iLO 2 system ROM. This parameter is optional, and the Boolean string must be set to "Yes" if the user 
should be allowed to configure iLO 2. If this parameter is used, the Boolean string value must never be 
blank. 

CONFIG_RACK_PRIV is a Boolean parameter that gives the user permission to configure and manage the 
server rack resources. This parameter is applicable to ProLiant BL pOlass servers only. This parameter is 
optional, and the Boolean string must be set to "Yes" if the user should be allowed to manage or 
configure rack resources. If this parameter is used, the Boolean string value must never be blank. 

DIAG_PRIV is a Boolean parameter that gives the user permission to view diagnostic information about 
iLO 2. This parameter is optional, and the Boolean string must be set to "Yes" if the user should have 
diagnostic privileges. If this parameter is used, the Boolean string value must never be blank. 

ADD_USER runtime errors 

The possible ADD USER error messages include: 

• Login name is too long. 

• Password is too short. 

• Password is too long. 

• User table is full. No room for new user. 

• Cannot add user. The user name already exists. 

• User information is open for read-only access. Write access is required for this operation. 
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• User name cannot be blank. 

• User login ID cannot be blank. 

• Boolean value not specified. 

• User does not have correct privilege for action. ADMINPRIV required. 



DELETEJJSER 

The DELETEUSER command is used to remove an existing local user's account. The USERLOGIN 
parameter must exist in the current user database. For this command to parse correctly, the command 
must appear within a USERJNFO command block, and USERJNFO MODE must be set to write. The user 
must have the administrative privilege. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" 

PASSWORD="password"> 

<USER_INFO MODE="write"> 

<DELETE_USER USER_LOGIN="username" /> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

DELETEJJSER parameter 

USER LOGIN is the login name of the user account. This parameter is case sensitive and must never be 
blank. 

DELETE_USER runtime errors 

The possible DELETE USER errors include: 

• User information is open for read-only access. Write access is required for this operation. 

• Cannot delete user information for currently logged in user. 

• User login name was not found. 

• User login name must not be blank. 

• User does not have correct privilege for action. ADMIN PRIV required. 

DELETE_CURRENT_USER 

The DELETECURRENTUSER command is used to remove the user account defined by the USER LOGIN 
attribute. The USER LOGIN parameter must exist in the current user database. For this command to parse 
correctly, the command must appear within a USERJNFO command block, and USERJNFO MODE must 
be set to write. The user must have the administrative privilege. 

This command is intended for customers who desire to delete all user accounts on iLO 2. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER LOGIN="adminname" 
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PASSWORD="password"> 

<USER_INFO MODE="write"> 

<DELETE_CURRENT_USER/> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

DELETE_CURRENT_USER parameters 

None 

DELETE_CURRENT_USER runtime errors 

The possible DELETE_CURRENT_USER errors include: 

User information is open for read-only access. Write access is required for this operation. 

GETJJSER 

The GET_USER command will return a local user's information, excluding the password. The 
USERLOGIN parameter must exist in the current user database. For this command to parse correctly, the 
command must appear within a USERJNFO command block, and USERJNFO MODE can be in read or 
write. The user must have the administrative privilege to retrieve other user accounts; else the user can 
only view their individual account information. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<USER_INFO MODE="read"> 

<GET_USER USER_LOGIN="username"/> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

GET_USER parameter 

USER LOGIN is the login name of the user account. This parameter is case sensitive and must never be 
blank. 

GET_USER runtime errors 

The possible GETUSER error messages include: 

• User login name must not be blank. 

• User login name was not found. 

• User does not have correct privilege for action. ADMIN PRIV required. 



GET_USER return messages 



A possible GET USER return message includes: 

<RESPONSE 
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STATUS="OxOOOO" 
MSG="No Errors" 

<GET_USER 

USE R_N AME = " Admi n User" 

USER_LOGIN= "username" 

ADMIN_PRIV="N" 

REMOTE_CONS_PRIV="Y" 

RESET_SERVER_PRIV="N" 

VIRTUAL_MEDIA_PRIV="N" 

CONFIG ILO PRIV value ="No" 



MOD USER 



The MOD USER command is used to modify an existing local user's account. The USER LOGIN 
parameter must exist in the current user database. For this command to parse correctly, the command 
must appear within a USERJNFO command block, and USERJNFO MODE must be set to write. The user 
must have the administrative privilege. A user without the administrative privilege can only modify their 
individual account password. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<USER_INFO MODE="write"> 
<MOD_USER USER_LOGIN="loginname"> 

<USER_NAME value="username" /> 

<USER_LOGIN value="newloginname" /> 

<PASSWORD value="password"/> 

<ADMIN_PRIV value="No"/> 

<REMOTE_CONS_PRIV value=" Yes " /> 

<RESET_SERVER_PRIV value="No"/> 

<VIRTUAL_MEDIA_PRIV value="No"/> 

<CONFIG_ILO_PRIV value=" Yes " /> 

</MOD_USER> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

Reset administrator password example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<USER_INFO MODE="write"> 

<MOD_USER USER_LOGIN="Administrator"> 

<PASSWORD value="password"/> 

</MOD_USER> 
</USER_INFO> 
</LOGIN> 
</RIBCL> 
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Change password example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<USER_INFO MODE="write"> 

<MOD_USER USER_LOGIN="username"> 

<PASSWORD value="newpas sword" /> 

</MOD_USER> 
</USER_INFO> 
</LOGIN> 
</RIBCL> 

MOD_USER parameters 

USERLOGIN is the login name of the user account. This parameter is case sensitive and must never be 
blank. 

If the following parameters are not specified, then the parameter value for the specified user is preserved. 

USERNAME is the actual name of the user to be added. This parameter is case sensitive, can be any 
valid string, and has a maximum length of 39 characters. This string is used for display only and must 
never be blank. 

USER LOGIN is the name used to gain access to the respective iLO 2. This parameter can be a 
combination of any printable characters up to a maximum length of 39 characters. This parameter is case 
sensitive and must never be blank. 

PASSWORD is the password associated with the user. This parameter is case sensitive and can be a 
combination of any printable characters. The length is user defined and can be a minimum of zero 
characters and a maximum of 39 characters. The minimum length is defined in the iLO 2 Global Settings 
and has a default value of eight characters. 

ADMINPRIV is a Boolean parameter that allows the user to administer user accounts. The user can 
modify their account settings, modify other user account settings, add users, and delete users. Omitting 
this parameter prevents the user from adding, deleting, or configuring user accounts. 

REMOTE_CONS_PRIV is a Boolean parameter that gives permission for the user to access the Remote 
Console functionality. This parameter is optional, and the Boolean string must be set to "Yes" if the user 
should have this privilege. If this parameter is used, the Boolean string value must never be left blank. 
Omitting this parameter denies the user access to Remote Console functionality. 

RESET SERVER PRIV is a Boolean parameter that gives the user permission to remotely manipulate the 
server power setting. This parameter is optional, and the Boolean string must be set to "Yes" if the user 
should have this privilege. If this parameter is used, the Boolean string value must never be left blank. 
Omitting this parameter prevents the user from manipulating the server power settings. 

VIRTUAL MEDIA PRIV is a Boolean parameter that gives the user permission to access the virtual media 
functionality. This parameter is optional, and the Boolean string must be set to "Yes" if the user should 
have this privilege. If this parameter is used, the Boolean string value must never be left blank. Omitting 
this parameter denies the user virtual media privileges. 

CONFIG_ILO_PRIV is a Boolean parameter that allows the user to configure iLO settings. This privilege 
includes network settings, global settings, Insight Manager settings, and SNMP settings. This parameter is 
optional, and the Boolean string must be set to "Yes" if the user should have this privilege. If this 
parameter is used, the Boolean string value must never be blank. Omitting this parameter prevents the 
user from manipulating the current iLO 2 configuration. 
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MOD 



USER runtime errors 



The possible MODUSER error messages include: 
• Login name is too long. 



Password is too short. 
Password is too long. 

User information is open for read-only access. Write access is required for this operation. 

User login name must not be blank. 

Cannot modify user information for currently logged user. 

User does not have correct privilege for action. ADMINPRIV required. 



The GETALLUSERS command will return all USER LOGIN parameters in the user database. For this 
command to parse correctly, the command must appear within a USERJNFO command block, and 
USERJNFO MODE can be in read or write. The user must have the administrative privilege to retrieve all 
user accounts. 



<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<USER_INFO MODE="read"> 

<GET_ALL_USERS /> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 



GET 



ALL USERS 



Example: 



GET_ALL_USERS parameters 



None 



GET 



ALL USERS runtime errors 



The possible GET ALL USERS error messages include: 

User does not have correct privilege for action. ADMIN PRIV required. 



GET_ALL_USERS return messages 



A possible GET ALL USERS return message is: 

<RESPONSE 



STATUS="0x0000 



MESSAGE= ' No Error 

/> 

<GET ALL USERS> 



<USER LOGIN VALUE="username"/> 



<USER LOGIN VALUE="user2"/> 



<USER LOGIN VALUE="user3"/> 
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<USER 


LOGIN 


VALUE= 


"user4"/> 


<USER 


LOGIN 


VALUE= 


"user5"/> 


<USER 


LOGIN 


VALUE= 


"user6"/> 


<USER 


LOGIN 


VALUE= 


"user7"/> 


<USER 


LOGIN 


VALUE= 


"user8 " /> 


<USER 


LOGIN 


VALUE= 


"user9"/> 


<USER 


LOGIN 


VALUE= 


"userlO"/> 


<USER 


LOGIN 


VALUE= 


""/> 


<USER 


LOGIN 


VALUE= 


""/> 



</GET_ALL_USERS> 

A possible unsuccessful request is: 

<RESPONSE 

STATUS="0x0023" 

MESSAGE= ' User does NOT have correct privilege for action. ADMIN_PRIV 
required . ' 

/> 

GET_ALL_USER_INFO 

The GET ALL USER INFO command will return all local users information in the user database, excluding 
passwords. For this command to parse correctly, the command must appear within a USERJNFO 
command block, and USERJNFO MODE can be in read or write. The user must have administrative 
privilege to execute this command. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<USER_INFO MODE="read"> 

<GET_ALL_USER_INFO /> 

</USER_INFO> 

</LOGIN> 
</RIBCL> 

GET_ALL_USER_INFO parameters 

None 

GET_ALL_USER_INFO runtime errors 

The possible GET ALL USERJNFO error message include: 

User does not have correct privilege for action. ADMIN PRIV required. 

GET_ALL_USER_INFO return messages 

A possible GET ALL USER INFO return message is: 

<GET_ALL_USER_INFO/> 

<GET USER 
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USE R_N AME = " Admi n " 

USER_LOGIN=" Admin" 

ADMIN_PRIV="Y" 

CONFIG_RILO_PRIV="Y" 

LOGIN_PRIV="Y" 

REMOTE_CONS_PRIV="Y" 

RESET_SERVER_PRIV="Y" 

VIRTUAL_MEDIA_PRIV="Y" 
/> 

The same information will be repeated for all the users. 
</GET_ALL_USER_INFO> 

A possible unsuccessful request is: 

<RESPONSE 

STATUS="0x0023" 

MESSAGE= ' User does NOT have correct privilege for action. ADMIN_PRIV 
required . ' 



The RIBJNFO command can only appear within a LOGIN command block. When the command is 
parsed, it reads the iLO 2 configuration information database into memory and prepares to edit it. Only 
commands that are RIBJNFO type commands are valid inside the RIBJNFO command block. The 
RIBJNFO command generates a response that indicates to the host application whether the database 
was successfully read or not. If the database is open for writing by another application, then this call will 



RIBJNFO requires the MODE parameter with a value of read or write. MODE is a specific string 
parameter with a maximum length of 10 characters that specifies what you intend to do with the 
information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. 



<RIB_INFO MODE="write"> 

RIB_INFO commands 

</RIB_INFO> 

Clear iLO 2 event log example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<CLEAR_EVENTLOG/> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 



/> 




fail. 



Example: 
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RESET_RIB 

The RESET RIB command is used to reset iLO 2. For this command to parse correctly, the command must 
appear within a RIBJNFO command block, and RIBJNFO MODE can be set to read or write. The user 
must have the configure iLO 2 privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN=" Admin" PASSWORD="Password"> 

<RIB_INFO MODE = "write"> 

<RESET_RIB/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

RESET_RIB parameters 

None 

RESET_RIB runtime errors 

The possible RESET RIB error message include: 

User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

GET_EVENT_LOG 

The GETEVENTLOG command retrieves the iLO 2 Event Log or the Integrated Management log, 
depending on the context of the command. For this command to parse correctly, the command must 
appear within a RIBJNFO or SERVERJNFO command block. To retrieve the iLO 2 Event Log, use the 
RIBJNFO command block. To retrieve the Integrated Management log use, the SERVERJNFO command 
block. 

Examples: 

• iLO 2 Event Log example: 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="READ"> 

<GET_EVENT_LOG /> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

• Integrated Management log example: 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="READ"> 

<GET_EVENT_LOG /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 
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GET 



EVENT_LOG parameters 



None 



GET 



EVENT LOG runtime errors 



GET_EVENT_LOG returns a runtime error if it is not called from within the RIBJNFO or SERVE RJNFO 
block. For example: 

<RIBCL VERSI0N="2 .21"> 

<RESPONSE 
STATUS="0x0001" 

MESSAGE= ' Syntax error: Line #3: syntax error near ">" in the line: " 
GET_EVENT_LOG >" ' 

/> 



The response includes all of the events recorded, in the order that they occurred. Events are not sorted by 
severity or other criteria. Each event includes a common set of attributes: 

• SEVERITY indicates the importance of the error and how it might impact server or iLO 2 availability. 

o FAILED indicates a problem or component failure that might impact operational time if it is not 
addressed. 

o CAUTION indicates an event that is not expected during normal system operation. This might not 
indicate a platform issue. 

o REPAIRED indicates that an event or component failure has been addressed. 

o INFORMATIONAL indicates that something noteworthy occurred, but operational time is not 
impacted. 

• CLASS indicates the subsystem that generated the event, and can include iLO 2, environment, 
power, system error, rack infrastructure, and more. 

• LAST UPDATE indicates the most recent time this event was modified. 

• INITIALUPDATE indicates when this event first occurred. 

• COUNT indicates the number of times a duplicate event happened. 

• DESCRIPTION indicates the nature of the event and all recorded details. 

The following response is typical of the data returned from the iLO 2 Event Log: 

<EVENT_LOG DESCRIPTION="iLO Event Log"> 

<EVENT 

SEVERITY=" Caution" 
CLASS="iLO" 

LAST_UPDATE="04/04/2004 12:34" 
INITIAL_UPDATE="04/04/2 0 04 12:34" 
C0UNT="1" 

DESCRIPTION="Server reset." 

/> 



</RIBCL> 



GET 



EVENT_LOG return messages 
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</EVENT_LOG> 

The following response is typical of the data returned from the Integrated Management Log: 

<EVENT_LOG DESCRI PTION=" Integrated Management Log"> 

<EVENT 

SEVERITY=" Caution" 
CLASS="POST Message" 
LAST_UPDATE="04/04/2004 12:34" 
INITIAL_UPDATE="04/04/2 0 04 12:34" 
C0UNT="1" 

DESCRIPTION="POST Error: 1775-Drive Array - ProLiant Storage System 
not Responding" 

/> 

</EVENT_LOG> 

CLEAR_EVENTLOG 

The CLEAREVENTLOG command clears the iLO 2 Event Log. For this command to parse correctly, the 
command must appear within a RIBJNFO command block, and RIBJNFO MODE must be set to write. 
The user must have the configure iLO 2 privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<CLEAR_EVENTLOG/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

CLEAR_EVENTLOG parameters 

None 

CLEAR_EVENTLOG runtime errors 

The possible CLEAR EVENTLOG error messages are: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

COMPUTER_LOCK_CONFIG 

The COMPUTER LOCK CONFIG command is used to configure the Remote Console Computer Lock 
feature. For this command to parse correctly, the command must appear within a RIBJNFO command 
block, and RIBJNFO MODE must be set to write. You must have the Configure iLO 2 privilege to execute 
this command. 
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Uppercase letters are not supported, and are converted automatically to lowercase. If either a double 
quote or a single quote is used, it must be different from the delimiter. For a complete list of the supported 
custom keys, see the HP Integrated Lights-Out 2 User Guide. 

Windows® example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO_MODE="write"> 

<COMPUTER_LOCK_CONFIG> 

<COMPUTER_LOCK value="windows " /> 

</COMPUTER_LOCK_CONFIG> 
</RIB_INFO_MODE="write"> 
</LOGIN> 
</RIBCL> 

Custom example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO_MODE="write"> 

<COMPUTER_LOCK_CONFIG> 

<COMPUTER_LOCK value="custom" /> 

<COMPUTER_LOCK key=" l_gui , 1 " /> 

</COMPUTER_LOCK_CONFIG> 
</RIB_INFO_MODE="write"> 
</LOGIN> 
</RIBCL> 

Disabled example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO_MODE="write"> 

<COMPUTER_LOCK_CONFIG> 

<COMPUTER_LOCK value="disabled" /> 

< / COMPUTER_LOCK_CONF I G> 
</RIB_INFO_MODE="write"> 
</LOGIN> 
</RIBCL> 

COMPUTER_LOCK_CONFIG parameters 

The computer lock on Windows®-based operating systems defaults to the Windows® logo + L keys. You 
can customize Linux and other operating systems by setting the <COMPUTER_LOCK 

value="custom"/> parameter. For example: 

<COMPUTER_LOCK key=" l_gui , 1 " /> 

COMPUTER_LOCK_CONFIG runtime errors 

The possible COMPUTERLOCKCONFIG error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• Invalid number of parameters. The maximum allowed is five. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

• Invalid COMPUTE R_LOCK option; value must be windows, custom, or disabled. 
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• COMPUTERJ.OCK value must be set to custom to use the COMPUTERLOCKKEY tag. 

• The COMPUTERJ.OCK key command was used without a preceding COMPUTER_LOCK value 
command equal to custom. 

• The key parameter specified is not valid 

GET_NETWORK_SETTINGS 

The GET NETWORK SETTINGS command requests the respective iLO 2 network settings. For this 
command to parse correctly, the command must appear within a RIBJNFO command block, and 
RIBJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="read"> 

<GET_NETWORK_SETTINGS/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

GET_NETWORK_SETTINGS parameters 

None 

GET_NETWORK_SETTINGS runtime errors 

None 

GET_N ETWORK_S ETTI NGS return messages 

A possible GET_NETWORK_SETTINGS return message is: 

<ENABLE_NIC VALUE="Y"/> 

<S HARE D_NE T WORK_PORT VALUE= " N " / > 
<VLAN ENABLED="N" / > 
<VLAN_ID VALUE="0"/> 
<SPEED_AUTOSELECT VALUE="Y"/> 
<NIC_SPEED VALUE="10"/> 
<FULL_DUPLEX VALUE="N"/> 
<DHCP_ENABLE VALUE="Y"/> 
<DHCP_GATEWAY VALUE="Y"/> 
<DHCP_DNS_SERVER VALUE="Y"/> 
<DHCP_WINS_SERVER VALUE="Y"/> 
<DHCP_STATIC_ROUTE VALUE="Y"/> 
<DHCP_DOMAIN_NAME VALUE="Y"/> 
<REG_WINS_SERVER VALUE="Y"/> 
<REG_DDNS_SERVER VALUE="Y"/> 
<PING GATEWAY VALUE="N"/> 
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<MAC_ADDRESS VALUE="0 0 :12:79:a5:25:42"/> 
<IP_ADDRESS VALUE="170 . 100 . 8 . 10"/> 
<SUBNET_MASK VALUE="255 . 255 . 255 . 0"/> 
<GATEWAY_IP_ADDRESS VALUE="17 0 .100.8.254"/> 
<DNS_NAME VALUE="ILO0 0 0FWDC451"/> 
< DOMA I N_N AME VALUE=" f errari . com" /> 
<PRIM_DNS_SERVER VALUE=" 1 72 . 2 5 . 1 63 . 199"/> 
<SEC_DNS_SERVER VALUE=" 0 . 0 . 0 . 0"/> 
<TER_DNS_SERVER VALUE=" 0 . 0 . 0 . 0"/> 
<PRIM_WINS_SERVER VALUE=" 1 72 . 2 5 . 1 63 . 199"/> 
<SEC_WINS_SERVER VALUE="0 . 0 . 0 . 0"/> 
<STATIC_ROUTE_l DEST=" 0.0.0.0" 

GATEWAY=" 0 . 0 . 0 . 0"/> 
<STATIC_ROUTE_2 DEST=" 0.0.0.0" 

GATEWAY=" 0 . 0 . 0. 0"/> 

<STATIC_ROUTE_3 DEST=" 0.0.0.0" 

GATEWAY=" 0 . 0 . 0 . 0"/> 
</GET_NETWORK_SETTINGS> 

A possible unsuccessful request is: 

<RESPONSE 

STATUS = "0x0001" 

MSG = "Error Message"/> 

MOD_NETWORK_SETTINGS 

MOD NETWORK SETTINGS is used to modify network settings. For this command to parse correctly, the 
command must appear within a RIBJNFO command block, and RIBJNFO MODE must be set to write. 
The user must have the configure iLO 2 privilege to execute this command. 

The iLO 2 scripting firmware does not attempt to decipher if the network modifications are appropriate for 
the network environment. When modifying network settings, be aware of the network commands 
provided to the management processor. In some cases, the management processor ignores commands 
and no error is returned. For example, when a script includes the command to enable DHCP and a 
command to modify the IP address, the IP address is ignored. Changing the network settings to values that 
are not correct for the network environment might cause a loss of connectivity to iLO 2. 

The iLO 2 management processor reboots to apply the changes after the script has successfully 
completed. If connectivity to iLO 2 is lost, use RBSU to reconfigure the network settings to values that are 
compatible with the network environment. 

Example: 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="write"> 

<MOD_NETWORK_SETTINGS> 

<ENABLE_NIC value=" Yes " /> 

<REG_DDNS_SERVER value="Yes" /> 

<PING_GATEWAY value="No"/> 

<DHCP DOMAIN NAME value=" Yes " /> 
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<SPEED_AUTOSELECT value=" YES " / > 
<NIC_SPEED value="100"/> 
<FULL_DUPLEX value=" Yes " /> 
<DHCP_ENABLE value="No"/> 
<IP_ADDRESS value="172 .20 . 60 . 152"/> 
<SUBNET_MASK value="255 . 255 . 255 . 0"/> 
<GATEWAY_IP_ADDRESS value=" 1 72 . 2 0 . 60 . l"/> 
<DNS_NAME value="demoilo"/> 
<DOMAIN_NAME value=" internal . com"/> 
<DHCP_GATEWAY value=" Yes " /> 
<DHCP_DNS_SERVER value=" Yes " /> 
<DHCP_WINS_SERVER value=" Yes " /> 
<DHCP_STATIC_ROUTE value="Yes" /> 
<REG_WINS_SERVER value=" Yes " /> 
<PRIM_DNS_SERVER value="0 . 0 . 0 . 0"/> 
<SEC_DNS_SERVER value="0 . 0 . 0 . 0"/> 
<TER_DNS_SERVER value="0 . 0 . 0 . 0"/> 
<PRIM_WINS_SERVER value="0 . 0 . 0 . 0"/> 
<SEC_WINS_SERVER value="0 . 0 . 0 . 0"/> 

<STATIC_ROUTE_l DEST=" 0.0.0.0" GATEWAY=" 0 . 0 . 0 . 0 " /> 
<STATIC_ROUTE_2 DEST=" 0.0.0.0" GATEWAY=" 0 . 0 . 0 . 0 " /> 
<STATIC_ROUTE_3 DEST=" 0.0.0.0" GATEWAY=" 0 . 0 . 0 . 0 " /> 

< ! — This tag can be used on an iLO blade server to force iLO --> 

< ! — to attempt to get an IP address from the signal backplane --> 

< ! — in a server enclosure. The IP address must be set prior --> 

<!-- with Mod_Enc_Bay_IP_Settings . xml --> 

<! — <ENCLOSURE_IP_ENABLE VALUE=" Yes " /> — > 

</MOD_NETWORK_SETTINGS> 
</RIB_INFO> 
</LOGIN> 

Modify VLAN example: 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="WRITE" > 
<MOD_NETWORK_SETTINGS> 

< S HARE D_NE T WORK_PORT VALUE= " Ye s " / > 

<VLAN_ENABLED VALUE="Yes" /> 

<VLAN_ID VALUE="l"/> 

</MOD_NETWORK_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

RBSU POST IP example: 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
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<RIB_INFO MODE="write" > 

<MOD_GLOBAL_SETTINGS> 

<RBSU_POST_IP VALUE="Y"/> 

</MOD_GLOBAL_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

Shared network port example: 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="WRITE" > 

<MOD_NETWORK_SETTINGS> 

<!-- Desired NIC: Substitute: --> 

<! — iLO NIC <SHARED_NETWORK_PORT VALUE="N"/> — > 

<! — Host NIC <SHARED_NETWORK_PORT VALUE="Y"/ — > 

<SHARED_NETWORK_PORT VALUE="N"/> 

</MOD_NETWORK_SETTINGS> 
</RIB_INFO> 
</LOGIN> 
</RIBCL> 

MOD_NETWORK_SETTINGS parameters 

If the following parameters are not specified, then the parameter value for the specified setting is 
preserved. Zero values are not permitted in some fields. Consequently, an empty string deletes the current 
value in some fields. 

ENABLE_NIC enables the NIC to reflect the state of iLO 2. The values are "Yes" or "No." It is case 
insensitive. 

SHARED_NETWORK_PORT sets the Shared Network Port value. The values are "Yes" or "No." For iLO, 
the Shared Network Port feature is only available on servers with hardware, NIC firmware, and iLO 
firmware that supports this feature. For iLO 2, the Shared Network Port is supported on all firmware 
versions, and the feature is available if the hardware is supported. 



ProLiant server 


Minimum iLO firmware version 


DL320G3 


1.64 


DL360 G4 


1.60 


DL360 G4 


1.64 


DL380 G4 


1.60 


DL385 Gl 


1.64 


DL580 G3 


1.64 


ML370 G4 


1.60 


ML570 G3 


1.64 



When using the iLO 2 Shared Network Port, flashing the iLO 2 firmware through the XML interface takes 
approximately 7 minutes to complete. Flashing the firmware using Shared Network Port with iLO 2 does 
not take any longer to complete than using the dedicated iLO 2 management port. 
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SHARE D_NETWORK_PORT_VLAN VALUE enables iLO 2 Shared Network Port VIAN ID tagging. The 
possible values are "Yes" or "No." 

SHARED_NETWORK_PORT_VLAN_ID VALUE sets the VLAN ID value. Values must be between 1 and 
4094. 

REG_DDNS_SERVER VALUE instructs iLO 2 to register the management port with a DDNS server. The 
possible values are "Yes" or "No." 

SPEED AUTOSELECT is a Boolean parameter to enable or disable the iLO 2 transceiver to auto-detect the 
speed and duplex of the network. This parameter is optional, and the Boolean string must be set to "Yes" 
if this behavior is desired. If this parameter is used, the Boolean string value must never be left blank. The 
possible values are "Yes" or "No." It is case insensitive. 

FULL DUPLEX is used to decide if the iLO 2 is to support full-duplex or half-duplex mode. It is only 
applicable if SPEED_AUTOSELECT was set to "No." The possible values are "Yes" or "No." It is case 
insensitive. 

NIC_SPEED is used to set the transceiver speed if SPEED_AUTOSELECT was set to "No." The possible 
values are " 1 0" or " 1 00." Any other values will result in a syntax error. 

DHCP_ENABLE is used to enable DHCP. The possible values are "Yes" or "No." It is case insensitive. 

IP ADDRESS is used to select the IP address for the iLO 2 if DHCP is not enabled. If an empty string is 
entered, the current value is deleted. 

SUBNET MASK is used to select the subnet mask for the iLO 2 if DHCP is not enabled. If an empty string 
is entered, the current value is deleted. 

GATEWAYJP ADDRESS is used to select the default gateway IP address for the iLO 2 if DHCP is not 
enabled. If an empty string is entered, the current value is deleted. 

DNS_NAME is used to specify the DNS name for the iLO 2. If an empty string is entered, the current 
value is deleted. 

DOMAIN_NAME is used to specify the domain name for the network where the iLO 2 resides. If an 
empty string is entered, the current value is deleted. 

DHCP_GATEWAY specifies if the DHCP-assigned gateway address is to be used. The possible values are 
"Yes" or "No." It is case sensitive. This selection is only valid if DHCP is enabled. 

DHCP_DNS_SERVER specifies if the DHCP-assigned DNS server is to be used. The possible values are 
"Yes" or "No." It is case sensitive. This selection is only valid if DHCP is enabled. 

DHCP_WINS_SERVER specifies if the DHCP-assigned WINS server is to be used. The possible values are 
"Yes" or "No." It is case sensitive. This selection is only valid if DHCP is enabled. 

DHCP_STATIC_ROUTE specifies if the DHCP-assigned static routes are to be used. The possible values are 
"Yes" or "No." It is case sensitive. This selection is only valid if DHCP is enabled. 

REG_WINS_SERVER specifies if the iLO 2 must be register with the WINS server. The possible values are 
"Yes" or "No." It is case sensitive. This selection is only valid if DHCP is enabled. 

PRIM_DNS_SERVER specifies the IP address of the primary DNS server. This parameter is only relevant if 
the DHCP-assigned DNS server address feature is disabled. If an empty string is entered, the current value 
is deleted. 

SEC_DNS_SERVER specifies the IP address of the secondary DNS server. This parameter is only relevant if 
the DHCP-assigned DNS server address feature is disabled. If an empty string is entered, the current value 
is deleted. 
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TER_DNS_SERVER specifies the IP address of the tertiary DNS server. This parameter is only relevant if the 
DHCP-assigned DNS server address feature is disabled. If an empty string is entered, the current value is 
deleted. 

PRIM_WINS_SERVER specifies the IP address of the primary WINS server. This parameter is only relevant 
if the DHCP-assigned WINS server address feature is disabled. If an empty string is entered, the current 
value is deleted. 

SEC_WINS_SERVER specifies the IP address of the secondary WINS server. This parameter is only 
relevant if the DHCP-assigned WINS server address feature is disabled. If an empty string is entered, the 
current value is deleted. 

STATIC_ROUTE_l, STATIC_ROUTE_2, and STATIC_ROUTE_3 are used to specify the destination and 
gateway IP addresses of the static routes. The following two parameters are used within the static route 
commands. If an empty string is entered, the current value is deleted. 

• DEST specifies the destination IP addresses of the static route. This parameter is only relevant if the 
DHCP-assigned static route feature is disabled. If an empty string is entered, the current value is 
deleted. 

• GATEWAY specifies the gateway IP addresses of the static route. This parameter is only relevant if 
the DHCP-assigned static route feature is disabled. If an empty string is entered, the current value is 
deleted. 

WEB AGENTJP ADDRESS specifies the address for the Web-enabled agents. If an empty string is 
entered, the current value is deleted. 

MOD_NETWORK_SETTINGS runtime errors 

The possible MOD NETWORK SETTINGS error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

GET_GLOBAL_SETTINGS 

The GET GLOBAL SETTINGS command requests the respective iLO 2 global settings. For this command 
to parse correctly, the command must appear within a RIBJNFO command block, and RIBJNFO MODE 
can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="read"> 

<GET_GLOBAL_SETTINGS/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

GET_GLOBAL_SETTINGS parameters 

None 
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GET_GLOBAL_SETTINGS runtime errors 

None 

GET_GLOBAL_SETTINGS return messages 

A possible GETGLOBALSETTINGS return message is as follows: 

<GET_GLOBAL_SETTINGS> 

<SESSION_TIMEOUT="12 0"> 
<ILO_FUNCT_ENABLED VALUE="Y"/> 
<F8_PR0MPT_ENABLED="Y"/> 
<F8_L0GIN_REQUIRED="Y"/> 

<REMOTE_CONSOLE_PORT_STATUS VALUE="2 " /> 
<REMOTE_CONSOLE_ENCRYPTION VALUE="Y"/> 
<REMOTE_CONSOLE_ACQUIRE VALUE=" Y" / > 
<PASSTHROUGH_CONFIG VALUE="3"/> 
<HTTPS_PORT VALUE="443"/> 
<HTTP_PORT VALUE="80"/> 
<REMOTE_CONSOLE_PORT VALUE=" 2 3 " / > 
<TERMINAL_SERVICES_PORT VALUE=" 33 8 9 " /> 
<VIRTUAL_MEDIA_PORT VALUE=" 17988 "/> 
<MIN_PASSWORD VALUE="8"/> 

<AUTHENT I CAT I ON_FAI LURE_LOGGING VALUE="Enabled-every 3rd failure"/> 

<REMOTE_KEYBOARD_MODEL VALUE="US"/> 

<SSH_PORT value="22"/> 

<SSH_STATUS value="YES"/> 

<SERIAL_CLI_STATUS value="3"/> 

<SERIAL_CLI_SPEED value="l"/> 
</GET_GLOBAL_SETTINGS> 

A possible GET GLOBAL SETTINGS return message from iLO 2 1 .30 firmware: 

<GET_GLOBAL_SETTINGS> 

<SESSION_TIMEOUT VALUE="0"/> 
<ILO_FUNCT_ENABLED VALUE="Y"/> 
<F8_PROMPT_ENABLED VALUE="Y"/> 
<F8_LOGIN_REQUIRED VALUE="N"/> 
<TELNET_ENABLE VALUE="Y"/> 
< PAS S THR0UGH_C0NF I G VALUE= " 3 " / > 
<HTTPS_PORT VALUE="443"/> 
<HTTP_P0RT VALUE="80"/> 
<REM0TE_C0NS0LE_P0RT VALUE=" 2 3 " / > 
<TERMINAL_SERVICES_PORT VALUE="338 9" /> 
<VIRTUAL_MEDIA_PORT VALUE=" 17988 "/> 
<SSH_P0RT VALUE="22"/> 

<C0NS0LE_CAPTURE_P0RT VALUE= " 17990 "/> 
< SHARED CONSOLE PORT VALUE=" 93 0 0 " /> 
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<SSH_STATUS VALUE="Y"/> 

<SERIAL_CLI_STATUS VALUE="Enabled-Authentication Required"/> 
<SERIAL_CLI_SPEED VALUE=" 9 6 0 0 " /> 
<MIN_PASSWORD VALUE="8"/> 

<AUTHENT I CAT I ON_FAI LURE_LOGGING VALUE="Enabled-every 3rd failure"/> 
<REMOTE_KEYBOARD_MODEL VALUE="US"/> 
<RBSU_POST_IP VALUE="Y"/> 

<HIGH_PERFORMANCE_MOUSE VALUE="Enabled" /> 
<REMOTE_CONSOLE_ACQUIRE VALUE="Y"/> 
<CONSOLE_CAPTURE_ENABLE VALUE="Disabled" /> 
<CONSOLE_CAPTURE_BOOT_BUFFER_ENABLE VALUE="Disabled" /> 
<CONSOLE_CAPTURE_FAULT_BUFFER_ENABLE VALUE="Disabled" /> 
< INTERACT I VE_CONSOLE_REPLAY_ENABLE VALUE="Disabled" /> 
<CAPTURE_AUTO_EXPORT_ENABLE VALUE=" Disabled" /> 
<CAPTURE_AUTO_EXPORT_LOCATION 

VALUE="http: //192 .168.1 . 1 / folder /capture%h%t . ilo" /> 

<CAPTURE_AUTO_EXPORT_USERNAME VALUE=""/> 

<CAPTURE_AUTO_EXPORT_PAS SWORD VALUE= " " / > 

<SHARED_CONSOLE_ENABLE VALUE="Enabled" /> 

<ENFORCE_AES VALUE="N"/> 
</GET_GLOBAL_SETTINGS> 

MOD_GLOBAL_SETTINGS 

The MOD GLOBAL SETTINGS command modifies global settings. For this command to parse correctly, 
the command must appear within a RIBJNFO command block, and RIBJNFO MODE must be set to 
write. The user must have the configure iLO 2 privilege to execute this command. 

The Lights-Out device (not the server) resets automatically to make changes to port settings effective. 
Setting the ILO_FUNCT_ENABLED to No disables the management functions of iLO 2 and iLO. If 
disabled, you must use the iLO Security Override Switch on the server system board and the iLO 2/iLO 
RBSU (F8 key) to re-enable iLO 2/iLO. 

Example 1 : Use CPQLOCFG.EXE version 2.26 or greater with the following scripts. 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_GLOBAL_SETTINGS> 

<SESSION_TIMEOUT value="60"/> 

<F8_PR0MPT_ENABLED value=" Yes " /> 

<HTTP_PORT value="80"/> 

<HTTPS_PORT value="443"/> 

<REMOTE_CONSOLE_PORT value="2 3"/> 

<REMOTE_CONSOLE_PORT_STATUS value="2 " /> 
<!-- Firmware support information for next 6 tags: --> 
<!-- iLO 2 - All versions. --> 
<!-- iLO - Version 1.50 and later. --> 
<! — RILOE II - None. — > 

< REMOTE CONSOLE ENCRYPTION value=" Yes " /> 
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<MIN_PASSWORD value="8"/> 

<ILO_FUNCT_ENABLED value=" Yes " /> 

<VIRTUAL_MEDIA_PORT value=" 17 98 8 "/> 

<F8_L0GIN_REQUIRED value="No"/> 

<REMOTE_KEYBOARD_MODEL value="US"/> 
<!-- Firmware support information for next 2 tags: --> 
<!-- iLO 2 - All versions. --> 
<!-- iLO - Version 1.50 and later. --> 
<! — RILOE II - Version 1.20 and later. — > 

<PASSTHROUGH_CONFIG value=" 1 " /> 

<TERMINAL_SERVICES_PORT value=" 33 8 9 " /> 
<!-- Firmware support information for next 5 tags: --> 
<!-- iLO 2 - All versions. --> 
<!-- iLO - Version 1.60 and later. --> 
<! — RILOE II - None. — > 

<SSH_PORT value="22"/> 

<SSH_STATUS value="Yes"/> 

<SERIAL_CLI_STATUS value="3"/> 

<SERIAL_CLI_SPEED value="l"/> 

<RBSU_POST_IP value="Y"/> 
<!-- Firmware support information for next tag: --> 
<!-- iLO 2 - All versions. --> 
<!-- iLO - None. --> 
<! — RILOE II - None. — > 



<TELNET_ENABLE value="yes " /> 



Firmware support information for next tag: --> 
iLO 2 - All versions. --> 
iLO - Version 1.75 and later. --> 
RILOE II - None. — > 

It can have the following three values --> 
Disabled: Value = "No" --> 

the mouse uses "relative" coordinates mode, --> 
compatible with most host operating systems. --> 
Enabled: Value = "Yes" --> 

the mouse uses "absolute" coordinates mode, --> 
eliminating synchronization issues --> 
on supported operating systems --> 
Automatic: Value = "Automatic" --> 
iLO picks the appropriate mouse mode when --> 
the iLO 2 driver is loaded on the host operating system. --> 
The selected mode is persistent unless a different --> 
mode is indicated when the OS driver is loaded or --> 
if you choose another setting. --> 

<HIGH_PERFORMANCE_MOUSE value="Automatic " /> 
<!-- Firmware support information for next 13 tags: --> 
<!-- iLO 2 - Version 1.30 and later. --> 
<!-- iLO - None. --> 
<! — RILOE II - None. — > 

<ENFORCE_AES value="Y"/> 

<AUTHENT I CAT I ON_FAI LUREJLOGGING va lue= " 3 " / > 

<CONSOLE_CAPTURE_ENABLE value="Yes" /> 

<CONSOLE CAPTURE BOOT BUFFER ENABLE value="Yes" /> 
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<CONSOLE_CAPTURE_FAULT_BUFFER_ENABLE value="Yes" /> 
< INTERACT I VE_CONSOLE_REPLAY_ENABLE value="Yes" /> 
<CONSOLE_CAPTURE_PORT value=" 1 7 9 9 0 " /> 
<CAPTURE_AUTO_EXPORT_ENABLE value="No" /> 
<CAPTURE_AUTO_EXPORT_LOCATION 

value="HTTP: //l . 1 . 1 . 1/f older /capture%h%t . ilo" /> 

<CAPTURE_AUTO_EXPORT_USERNAME value="username" /> 

<CAPTURE_AUTO_EXPORT_PAS SWORD value="password" /> 

<SHARED_CONSOLE_ENABLE value="No" /> 

<SHARED_CONSOLE_PORT value="9300" /> 
<!-- Firmware support information for next two tags:--> 
<!-- iLO 2 - Version 1.75 and later. --> 
<!-- iLO - None. --> 
<! — RILOE II - None. — > 

<KEY_UP_KEY_DOWN value=" Yes " /> 

<CAPTURE_MANUAL_EXPORT value=" Yes " /> 
<!-- Firmware support information for next tag: --> 
<!-- iLO 2 - Version 1.10 and later. --> 
<!-- iLO - Version 1.80 and later. --> 
<! — RILOE II - None. — > 

<REMOTE_CONSOLE_ACQUIRE value="Yes" /> 
<!-- Firmware support information for next 13 tags: --> 
<! — iLO 2 - None. — > 
<!-- iLO - None. --> 
<!-- RILOE II - All versions. --> 

<! — 

<HOST_KEYBOARD_ENABLED value ="YES"/> 
<REMOTE_KEYBOARD_MODEL value = "US"/> 
<POCKETPC_ACCESS value = "YES"/> 
<CIPHER_STRENGTH value = "128"/> 
<SNMP_ADDRESS_1 value = "123 . 124 . 125 . 126"/> 
<SNMP_ADDRESS_2 value = "test"/> 
<SNMP_ADDRESS_3 value = "dest"/> 
<OS_TRAPS value = "Y"/> 
<RIB_TRAPS value = "N"/> 
<CIM_SECURITY_MASK value = "3"/> 
<EMS_STATUS value = "Y" /> 

<BYPASS_POWER_CABLE_REPORTING value = "N" /> 
<SNMP_PASSTHROUGH_STATUS value = "Y" /> 
— > 

</MOD_GLOBAL_SETTINGS> 

</RIB_INFO> 

</LOGIN> 

</RIBCL> 

As of release iLO 2 version 1 .50, the Virtual Serial Port supports automatically enabling and disabling 
software flow control. By default, this behavior is disabled. You can enable this configuration option using 
the RIBCL only. To enable this option, execute the following script: 

Example 2: 
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<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_GLOBAL_SETTINGS> 

<VSP_SOFTWARE_FLOW_CONTROL value=" Yes " /> 
</MOD_GLOBAL_SETTINGS> 
<RESET_RIB /> 
</RIB_INFO> 
</LOGIN> 
</RIBCL> 



MOD_GLOBAL_SETTINGS parameters 

The following parameters are optional. If you do not specify a parameter, then the parameter value for 
the specified setting is preserved. 

SESSIONTIMEOUT determines the maximum session timeout value in minutes. The accepted values are 
0, 15, 30, 60, and 120. A value of 0 specifies infinite timeout. 

ILO_FUNCT_ENABLED determines if the Lights-Out functionality is enabled or disabled for iLO 2. The 
possible values are Yes or No. This parameter is case insensitive. 

F8_PROMPT_ENABLED determines if the F8 prompt for ROM-based configuration is displayed during 
POST. The possible values are "Yes" or "No." 

F8_LOGIN_REQUTRED determines if login credentials are required to access the RBSU for iLO 2. The 
possible values are Yes or No. 

REMOTE CONSOLE PORT STATUS determines the behavior of remote console service. The possible 
values include: 

• 0— No change 

• 1 —Disabled (The remote console port is disabled. This prevents remote console and telnet sessions 
from being used.) 

• 2— Automatic (This is the default setting. The remote console port remains closed unless a remote 
console session is started.) 

• 3— Enabled (The remote console port is always enabled. This enables remote console and telnet 
sessions to be used.) 

REMOTE CONSOLE ENCRYPTION determines if remote console data encryption is enabled or disabled. 
The possible values are Yes and No. 

REMOTE CONSOLE ACQUIRE determines if the remote console acquire operation is enabled or 
disabled. The possible values are Yes and No. 

PASSTHROUGH CONFIG determines the behavior of a Microsoft® Terminal Services client. The possible 
values are as follows: 

• 0— No change 

• 1 —Disabled (The Terminal Services feature is disabled.) 

• 2— Automatic (The Terminal Services client is launched when remote console is started.) 

• 3— Enabled (This is the default setting. The Terminal Services feature is enabled but does not 
automatically launch when the Remote Console start.) 
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HTTPS_PORT— Specifies the HTTPS (SSL) port number. 
HTTP_PORT— specifies the HTTP port number. 

REMOTEGONSOLEPORT— Specifies the port used for remote console. 

TERMINAL_SERVICES_PORT— Specifies the port used for terminal services. 

VIRTUAL_MEDIA_PORT— Specifies the port used for virtual media. 

NOTE: If port changes are detected, the iLO 2 management processor will be rebooted to 
apply the changes after the script has completed successfully. 



MINPASSWORD— Specifies how many characters are required in all user passwords. The value can be 
from zero to 39 characters. 

AUTHENTICATION_FAILURE_LOGGING— Specifies logging criteria for failed authentications. The 
possible values include: 

• O-Disabled 

• 1 —Enabled (records every authentication failure) 

• 2— Enabled (records every second authentication failure) 

• 3— Enabled (records every third authentication failure: this is the default value.) 

• 5— Enabled (records every fifth authentication failure) 

REMOTEKEYBOARDMODEL— Determines the remote keyboard language translation used during 
remote console operation. The possible values include: 



US 


Belgian 


British 


Danish 


Finnish 


French 


French Canadian 


German 


Italian 


Japanese 


Latin American 


Portuguese 


Spanish 


Swedish 


Swiss French 


Swiss German 







SSHPORT— Specifies the port used for SSH connection on iLO 2. The processor must be reset if this value 
is changed. 

SSHSTATUS— Determines if SSH is enabled. The valid values are Yes or No, which enable or disable 
SSH functionality. 

SERIALCLISTATUS— Specifies the status of the CLI. The possible values include: 

• 0— No change 

• 1 — Disabled 

• 2— Enabled (no authentication required) 

• 3— Enabled (authentication required) 

SERIAL CLI SPEED— Specifies the CLI port speed. The possible values include: 

• 0— No change 

• 1 -9,600 bps 

• 2-19,200 bps 
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• 3-38,400 bps 

• 4-57,600 bps 

• 5-1 15,200 bps 

ENFORCEAES— Determines if iLO 2 enforces the use of AES/3DES encryption ciphers over the iLO 2 
interface, SSH, and XML connections. The possible values are Yes and No. 

VSP_SOFTWARE_FLOW_CONTROL-Specifies if the Virtual Serial Port automatically enables and 
disables software flow control. The possible values are Yes or No. 

MOD_GLOBAL_SETTINGS runtime errors 

The possible MODGLOBALSETTINGS error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

• Unrecognized keyboard model. 

GET_SNMP_IM_SETTINGS 

The GETSNMP JMSETTINGS command requests the respective iLO 2 SNMP IM settings. For this 
command to parse correctly, the GET SNMPJM SETTINGS command must appear within a RIBJNFO 
command block, and RIBJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSION="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="read"> 

<GET_SNMP_IM_SETTINGS/> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

GET_SNMP_IM_SETTINGS parameters 

None 

GET_S NMP_IM_S ETTI NGS runtime errors 

None 

GET_SNMP_IM_SETTINGS return messages 

A possible GETSNMP JMSETTINGS return message is: 

<GET_SNMP_IM_SETTINGS> 

<SNMP_ADDRESS_1 VALUE="192 . 168 . 125 . 121"/> 
<SNMP_ADDRESS_2 VALUE="192 . 168 . 125 . 122"/> 
<SNMP_ADDRESS_3 VALUE="192 . 168 . 125 . 123"/> 
<OS_TRAPS VALUE="Yes"/> 
<RIB TRAPS VALUE="No"/> 
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<SNMP_PASSTHROUGH_STATUS VALUE="No"/> 

<WEB_AGENT_IP_ADDRESS VALUE="192 . 168 . 125 . 120"/> 

<CIM_SECURITY_MASK VALUE="3"/> 
</GET_SNMP_IM_SETTINGS> 

MOD_SNMP_IM_SETTINGS 

MOD SNMPJM SETTINGS is used to modify SNMP and Insight Manager settings. For this command to 
parse correctly, the command must appear within a RIBJNFO command block, and RIBJNFO MODE 
must be set to write. The user must have the configure iLO 2 privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_SNMP_IM_SETTINGS> 

<WEB_AGENT_IP_ADDRESS value="192 . 168 . 125 . 120"/> 

<SNMP_ADDRESS_1 value="192 . 168 . 125 . 121"/> 

<SNMP_ADDRESS_2 value="192 . 168 . 125 . 122"/> 

<SNMP_ADDRESS_3 value="192 . 168 . 125 . 123"/> 

<OS_TRAPS value="Yes"/> 

<RIB_TRAPS value="No"/> 

<SNMP_PASSTHROUGH_STATUS value="No"/> 

<CIM_SECURITY_MASK value="3"/> 

</MOD_SNMP_IM_SETTINGS> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

MOD_SNMP_IM_SETTINGS parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

WEB AGENTJP ADDRESS is the address for the Web-enabled agents. The value for this element has a 
maximum length of 50 characters. It can be any valid IP address. If an empty string is entered, the current 
value is deleted. 

SNMP_ADDRESS_1, SNMP_ADDRESS_2, and SNMP_ADDRESS_3 are the addresses that receive traps 
sent to the user. Each of these parameters can be any valid IP address and has a maximum value of 50 
characters. 

OS_TRAPS determines if the user should receive SNMP traps that are generated by the operating system. 
The possible values are "Yes" and "No." By default, the value is set to "No." 

RIB TRAPS determines if the user should receive SNMP traps that are generated by the RIB. The possible 
values are "Yes" and "No." By default, the value is set to "No." 

SNMP_PASSTHROUGH_STATUS determines if iLO can receive/ send SNMP request from/ to the host 
OS. By default, the value is set to "Yes." 

CIM SECURITY MASK accepts an integer between 0 and 4. The possible values are: 
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• 0— No change 

• 1 —None (No data is returned.) 

• 2— Low (Name and status data are returned. Associations are present if SNMP pass-through is 
supported. If not, the server and management processor are separate entities in the device list.) 

• 3— Medium (iLO 2 and server associations are present but the summary page contains less detail 
than at high security.) 

• 4— High (Associations are present and all data is present on the summary page.) 
Each value indicates the level of data returned over the HTTP port. 

MOD_SNMP_IM_SETTINGS runtime errors 

The possible MOD SNMPJM SETTINGS error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

UPDATE_RIB_FIRMWARE 

The UPDATE RIB FIRMWARE command copies a specified file to iLO 2, starts the upgrade process, and 
reboots the board after the image has been successfully flashed. For this command to parse correctly, the 
command must appear within a RIBJNFO command block, and RIBJNFO MODE must be set to write. 
The user must have the configure iLO 2 privilege to execute this command. 

Example 1 : 

<RIBCL VERSION="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="write"> 

<!-- Firmware support information for next tag:--> 

<!-- iLO 2 - 1.70 and later. For servers with TPM enabled. --> 

<!-- iLO - None --> 

<!-- Riloe II - None --> 
<TPM_ENABLED VALUE="Yes" /> 

< U P DAT E_R I B_F I RMWARE IMAGE_LOCAT I ON= " C : \ f i rmwa r e . bin " / > 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

When you send an XML script to update iLO 2 firmware, iLO 2 firmware verifies the TPM configuration 
status of option ROM measuring. If it is enabled, iLO 2 firmware returns the same warning message as 
stated in web interface. You can add the TPM ENABLE command to the script file. HP recommends using 
XML script syntax to execute firmware updates. To enable the firmware update to continue, you must set 
TPMJNABLE to a value of Y or Yes. 

Example 2: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<RIB_INFO MODE="write"> 
<TPM ENABLE ="Yes"/> 
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<UPDATE_RIB_FIRMWARE IMAGE_LOCATION="C : \xl 1 7 0 \ iL02_l 7 OD . bin" /> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

UPDATE_RIB_FIRMWARE parameters 

IMAGE_LOCATION is the full path file name of the firmware upgrade file. 

TPMENABLE enables the firmware to continue updating when option ROM measuring is enabled. To 
enable the firmware update to continue, you must set TPM ENABLE to a value of Y or Yes. 

UPDATE_RIB_FIRMWARE runtime errors 

The possible UPDATE_RIB_FIRMWARE error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• Unable to open the firmware image update file. 

• Unable to read the firmware image update file. 

• The firmware upgrade file size is too big. 

• The firmware image file is not valid. 

• A valid firmware image has not been loaded. 

• The flash process could not be started. 

• IMAGEJOCATION must not be blank. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

GET_FW_VERSION 

The GETFWVERSION command requests the respective iLO 2 firmware information. For this command 
to parse correctly, the command must appear within a RIBJNFO command block, and RIBJNFO MODE 
must be set to write. The user must have the configure iLO 2 privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="read"> 

< GE T_F W_VE RS I ON / > 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

GET_FW_VERSION parameters 

None 

GET_FW_VERSION runtime errors 

None 
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GET_FW_VERSION return messages 

The following information is returned within the response: 

<GET_FW_VERSION 

FIRMWARE_VERSION = < firmware version> 
FIRMWARE_DATE = < firmware date> 

MANAGEMENT_PROCESSOR = <management processor type> 

/> 

HOTKEY_CONFIG 

The HOTKEY CONFIG command configures the remote console hot key settings in iLO 2. For this 
command to parse correctly, the command must appear within a RIBJNFO command block, and 
RIBJNFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this 
command. 

Uppercase letters are not supported, and are converted automatically to lowercase. If you use double or 
single quotes, it must be different from the delimiter. Specifying a blank string removes the current value. 

For a complete list of supported hotkeys, see "Supported Hot Keys (on page 1 03)." 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<HOTKEY_CONFIG> 

<CTRL_T value="CTRL, ALT, ESC"/> 

<CTRL_U value="L_SHIFT, F10, F12"/> 

<CTRL_V value=""/> 

<CTRL_W value=""/> 

<CTRL_X value=""/> 

<CTRL_Y value=""/> 

</HOTKEY_CONFIG> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

HOTKEY_CONFIG parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

CTRLT specifies settings for the CTRLT hot key. The settings must be separated by commas. For example, 
CTRL_T="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 

CTRLU specifies settings for the CTRLU hot key. The settings must be separated by commas. For 
example, CTRL_U="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 

CTRL V specifies settings for the CTRLV hot key. The settings must be separated by commas. For 
example, CTRL V="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 
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CTRLW specifies settings for the CTRLW hot key. The settings must be separated by commas. For 
example, CTRL_W="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 

CTRLX specifies settings for the CTRLX hot key. The settings must be separated by commas. For 
example, CTRL_X="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 

CTRLY specifies settings for the CTRLY hot key. The settings must be separated by commas. For 
example, CTRL_Y="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. 

HOTKEY_CONFIG runtime errors 

The possible HOTKEY CONFIG error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• The hot key parameter specified is not valid. 

• Invalid number of hot keys. The maximum allowed is five. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

Supported hot keys 

The Program Remote Console Hot Keys page allows you to define up to 6 different sets of hot keys for use 
during a Remote Console session. Each hot key represents a combination of up to 5 different keys which 
are sent to the host machine whenever the hot key is pressed during a Remote Console session. The 
selected key combination (all keys pressed at the same time) are transmitted in its place. For more 
information, refer to "Remote Console hot keys." The following table lists keys available to combine in a 
Remote Console hot key sequence. 
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F6 
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LICENSE 

The LICENSE command activates or deactivates the iLO's advanced features. For this command to parse 
correctly, the command must appear within a RIBJNFO command block, and RIBJNFO MODE must be 
set to write. The user must have the configure iLO 2 privilege to execute this command. 

On a ProLiant BL Class server, there is no need for a licensing key. Advanced features are automatically 
activated. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<LICENSE> 

<ACTIVATE KEY="1111122222333334444455555"/> 

</LICENSE> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

LICENSE parameters 

ACTIVATE followed by a valid KEY value signals the activation of the iLO 2 advanced pack licensing. 

KEY specifies the license key value. The key should be entered as one continuous string. Commas, 
periods, or other characters should not separate the key value. The key will only accept 25 characters; 
other characters entered to separate key values will be interpreted as a part of the key and result in the 
wrong key being entered. 

LICENSE runtime errors 

The possible LICENSE error messages include: 

• License key error. 

• License is already active. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

I N S E RT_VI RTU AL_M E Dl A 

This command notifies iLO 2 of the location of a diskette image. The INSERT VIRTUAL MEDIA command 
must display within a RIBJNFO element, and RIBJNFO must be in write mode. 

Example: 
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<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN = "adminname" PASSWORD = "passwords 

<RIB_INFO MODE = "write"> 

<INSERT_VIRTUAL_MEDIA DEVICE="FLOPPY" IMAGE_URL= 
"http : / /servername/path/to/ f ile" /> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

INSERT_VIRTUAL_MEDIA parameters 

DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the 
DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. 

IMAGEURL specifies the URL for the diskette image. The URL format is as follows: 

protocol : / / username : passwords hostname : port/ filename, cgi -helper 

• The protocol field is mandatory and must be either http or https. 

• The username:password field is optional. 

• The hostname field is mandatory. 

• The port field is optional. 

• The filename field is mandatory. 

• The cgi-helper field is optional. 

In addition, the filename field can contain tokens that expand to host-specific strings: 

• %m expands to the iLO 2 MAC address. 

• %'\ expands to the iLO 2 IP address in dotted-quad form. 

• %h expands to the iLO 2 hostname. 
Examples: 

http : / / j ohn : abcl2 3@imgserver . company . com/ disk/win98dos.bin, /cgi- 
bin/hpvf help . pi 

http : / / imgserver . company . com/ disk/boot%m .bin 

This command specifies only the location of the image to be used. For the image to be connected to the 
server, the appropriate BOOTOPTION must be specified using the SET VM STATUS command. If 
BOOTOPTION is set to BOOTONCE and the server is rebooted, any subsequent server reboots eject 
the image. 

INSERT_VIRTUAL_FLOPPY runtime errors 

The possible INSERT_VIRTUAL_FLOPPY error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• IMAGE_URL must not be blank. 

• User does not have correct privilege for action. VIRTUAL MEDIA PRIV required. 

• Unable to parse Virtual Media URL 

• An invalid Virtual Media option has been given. 
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• Virtual Media already connected through a script. You must eject or disconnect before inserting new 
media. 

EJECT_VIRTUAL_MEDIA 

EJECT_VIRTUAL_MEDIA ejects the Virtual Media image if one is inserted. The EJ ECT_VI RTU AL_ME Dl A 
command must display within a RIBJNFO element and RIBJNFO must be in write mode. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN=" Admin" PASSWORD="Password"> 

<RIB_INFO MODE="write"> 

<EJECT_VIRTUAL_MEDIA DEVICE=" FLOPPY" /> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

EJECT_VIRTUAL_MEDIA parameters 

DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the 
DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. 

EJECT_VIRTUAL_MEDIA runtime errors 

The possible EJECT_VIRTUAL_MEDIA errors are: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. VIRTUAL MEDIA PRIV required. 

• No image present in the Virtual Media drive. 

• An invalid Virtual Media option has been given. 

GET_VM_STATUS 

GET VM STATUS returns the Virtual Media drive status. This command must display within a RIBJNFO 
element. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN = "adminname" PASSWORD = "passwords 

<RIB_INFO MODE = "read"> 

<GET_VM_STATUS DEVICE="CDROM" /> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

GET_VM_STATUS parameters 

DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the 
DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. 
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GET_VM_STATUS runtime errors 

The possible GET_VM_STATUS error is: 

An invalid Virtual Media option has been given. 

GET_VM_STATUS return messages 

The return message displays the current state of the Virtual Media. The VM APPLET parameter shows if a 
virtual media device is already connected via the Virtual Media Applet. If the VM_APPLET = 
CONNECTED, then the Virtual Media is already in use and cannot be connected via scriptable Virtual 
Media or Virtual Media XML commands. The DEVICE parameter tells which device this return message is 
for. The BOOT OPTION shows the current setting; BOOTALWAYS means that the server will always use 
the Virtual Media device for booting, BOOTONCE means that the server will boot to the Virtual Device 
once and then disconnect the Virtual Media on the subsequent server reboot, and NO_BOOT means that 
the Virtual Media will not be connected during a server reboot. The WRITE PROTECT FLAG parameter 
shows if the Virtual Media image can be written to. The IMAGEJNSERTED parameter tells if the Virtual 
Media device is connected via the scriptable Virtual Media or the Virtual Media XML command. 

A possible GET VM STATUS return message is: 

VM_APPLET = CONNECTED | DISCONNECTED 
DEVICE = FLOPPY | CDROM 

BOOT_OPTION = BOOT_ALWAYS | BOOT_ONCE | NO_BOOT 
WRITE_PROTECT_FLAG = YES | NO 
IMAGE_INSERTED = YES | NO 

NOTE: If the BOOT ONCE boot option is selected, all scriptable virtual media parameters are 
reset to default settings after the server boots. Specifically BOOT_OPTION = NO_BOOT, 
WRITE_PROTECT = NO, and IMAGEJNSERTED = NO. 



SET_VM_STATUS 

The SET VM STATUS command sets the Virtual Media drive status. This command must appear within a 
RIBJNFO element, and RIBJNFO must be set to write. All the parameters in the command are optional. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USERJLOGIN = "adminname" PASSWORD = "passwords 
<RIB_INFO MODE = "write"> 

<SET_VM_STATUS DEVICE = "CDROM"> 

<VM_BOOT_OPTION value = "BOOT_ONCE" /> 

<VM_WRITE_PROTECT value = "Y"/> 

</SET_VM_STATUS> 
</RIB_INFO> 
</LOGIN> 
</RIBCL> 

SET_VM_STATUS parameters 

DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the 
DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. 

VM BOOT OPTION specifies the boot option parameter for the Virtual Media. The possible values are 
BOOT ALWAYS, BOOT_ONCE, or NO_BOOT. These values control how the Virtual Media device 
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behaves during the boot phase of the server. Setting these values does not affect the current state of the 
Virtual Media device. These settings only take affect if the Virtual Media device is connected at server 
boot. 

• BOOT ALWAYS sets the VM_BOOT_OPTION to BOOT_ALWAYS. The Virtual Media device will 
always be connected during server boot. The Virtual Media device is not connected immediately 
when the VMBOOTOPTION is set. The Virtual Media device is connected on the next server boot 
after setting of the VM_BOOT_OPTION. 

• BOOT_ONCE sets the VM_BOOT_OPTION to BOOT_ONCE. The Virtual Media device is 
connected during the next server boot, but on any subsequent server boots, it will not be connected. 
The BOOTONCE option is intended to boot one time to the Virtual Media device, use that device 
while the server is running, and then not have the Virtual Media device available on subsequent 
server reboots. The Virtual Media device is not connected immediately when the 

VM BOOT OPTION is set. The Virtual Media device is connected on the next server boot following 
the setting of the VM BOOT OPTION. After the server has booted once with the Virtual Media 
device connected, on the subsequent server reboot, the Virtual Media device will not be connected 
and the following Virtual Media device settings will be reset to their default values: 

o BOOT_OPTION=NO_BOOT 

o IMAGEJNSERTED = NO 

• NO_BOOT sets the VM_BOOT_OPTION to NO_BOOT. The Virtual Media device is not connected 
during the next server boot. The Virtual Media device is not disconnected immediately when the 
VM BOOT OPTION is set. The Virtual Media device will be disconnected on the next server boot 
following the setting of the VM BOOT OPTION . After the server has booted, the Virtual Media 
device will not be connected and the following Virtual Media device settings will be reset to their 
default values: 

o BOOT_OPTION = NO_BOOT 
o IMAGEJNSERTED = NO 

In addition to the VM_BOOT_OPTIONS, CONNECT and DISCONNECT are also possible values. The 
CONNECT and DISCONNECT settings can be used to control the Virtual Media devices in the same way 
that they are controlled in the Virtual Media applet. Whenever the CONNECT or DISCONNECT 
parameters are set, the Virtual Media device immediately connects or disconnects, respectively, to the 
server. 

• CONNECT sets the VM_BOOT_OPTION to CONNECT. The Virtual Media device is immediately 
connected to the server. Setting the VM BOOT OPTION to CONNECT is equivalent to clicking the 
device Connect button on the Virtual Media Applet. After setting the VM_BOOT_OPTION to 
CONNECT, the VM_GET_STATUS command will show the VM_BOOT_OPTION as 
BOOT_ALWAYS. This is by design and shows that the Virtual Media device is connected like the 
Virtual Media device in the applet which with always be connected during all server boots. 

• DISCONNECT sets the VM_BOOT_OPTION to DISCONNECT. The Virtual Media device is 
immediately disconnected from the server. Setting the VM_BOOT_OPTION to DISCONNECT is 
equivalent to clicking the device Disconnect button on the Virtual Media Applet. Additionally, setting 
the VM_BOOT_OPTION to DISCONNECT is equivalent to issuing the EJECT _VIRTUAL_MEDIA 
command. When the VM_BOOT_OPTION is set to DISCONNECT, the Virtual Media device will not 
be connected and the following Virtual Media device settings will be reset to their default values: 

o BOOT_OPTION = NO_BOOT 

o IMAGEJNSERTED = NO 
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VMWRITEPROTECT sets the write protect flag value for the Virtual Floppy. This value is not significant 
for the Virtual Media CD-ROM. The possible values are Y or N. 

SET_VM_STATUS runtime errors 

The possible runtime errors are: 

• RIB information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. VIRTUAL MEDIA PRIV required. 

• An invalid Virtual Media option has been given. 

CERTIFICATE_SIGNING_REQUEST 

This command requests a certificate from iLO 2. When this command is received, iLO 2 generates a 
certificate signing request. The request is returned to the user enclosed in a 

CERTIFICATE_SIGNING_REQUEST tag. This command requires CPQLOCFG version 2.26 or later. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN = "adminname" PASSWORD = "passwords 

<RIB_INFO MODE = "write"> 

<CERTIFICATE_SIGNING_REQUEST/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

CERTIFICATE_SIGNING_REQUEST parameters 

There are no parameters for this command. 

CERTIFICATE_SIGNING_REQUEST errors 

There are no errors for this command. 

IMPORT_CERTIFICATE 

The IMPORT CERTIFICATE command imports a signed certificate into iLO 2. The signed certificate must 
be a signed version of a certificate signing request. This command requires CPQLOCFG version 2.26 or 
later. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USERJLOGIN = "adminname" PASSWORD = "passwords 
<RIB_INFO MODE = "write"> 
<IMPORT_CERTIFICATE> 
BEGIN CERTIFICATE 



END 

</ IMPORT 
</RIB INFO 



CERTIFICATE- 
CERT I FICATE> 
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</LOGIN> 
</RIBCL> 



IMPORT_CERTIFICATE parameters 

There are no parameters for this command. 

IMPORT_CERTIFICATE errors 

The possible IMPORTCERTIFICATE error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• Error reading certificate: The imported certificate is invalid. 

• Invalid certificate common name: The common name in the certificate does not match iLO 2's 
hostname. 

• Certificate signature does not match private key: The certificate does not correspond to the private 
key stored in iLO 2. 

GET_TWOFACTOR_SETTINGS 

The GET_TWOFACTOR_SETTINGS command requests the respective iLO 2 Two-Factor Authentication 
settings. For this command to parse correctly, the GET_TWOFACTOR_SETTINGS command must appear 
within a RIBJNFO command block, and RIBJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="read"> 

<GET_TWOFACTOR_SETTINGS/> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

GET_TWOFACTOR_SETTINGS parameters 

None 

GET_TWOFACTOR_SETTINGS runtime errors 

None 

GET_TWOFACTOR_SETTINGS return messages 

Starting with iLO 2 1 .20, users can be authenticated with a digital certificate. Depending on the iLO 2 
Two-Factor Authentication settings, the response to GET_TWOFACTOR_SETTINGS will contain different 
data. 

Examples of GET_TWOFACTOR_SETTINGS return messages are: 

Example of a Two-Factor Authentication settings return message with default settings: 

<GET_TWOFACTOR_SETTINGS> 

<AUTH TWOFACTOR ENABLE VALUE="N"/> 
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<CERT_REVOCATION_CHECK VALUE="N"/> 

<CERT_OWNER_SUBJECT/> 
</GET_TWOFACTOR_SETTINGS> 

Example of a Two-Factor Authentication settings return message when SAN field in the certificate for 
directory authentication is enabled: 

<GET_TWOFACTOR_SETTINGS> 

<AUTH_TWOFACTOR_ENABLE VALUE="Y" /> 

<CERT_REVOCATION_CHECK VALUE="N" /> 

<CERT_OWNER_SAN/> 
</GET_TWOFACTOR_SETTINGS> 

MOD_TWOFACTOR_SETTINGS 

The MODTWOFACTORSETTINGS command is used to modify the Two-Factor Authentication settings 
on the iLO 2. For this command to parse correctly, the MOD_TWOFACTOR_SETTINGS command must 
appear within a RIBJNFO command block, and RIBJNFO MODE must be set to write. You must have the 
configure RILOE II privilege to execute this command. Changing the value of 
AUTH_TWOFACTOR_ENABLE will cause the iLO 2 to reset for the new setting to take effect. 

NOTE: The GET_TWOFACTOR_SETTINGS and MOD_TWOFACTOR_SETTINGS commands 
are supported with iLO firmware version 1 .80 and above and with iLO 2 firmware version 
1.10 and above. iLO 1 .80 requires CPQLOCFG version 2.24, and iLO 1.10 requires 
CPQLOCFG version 2.25. 



A Trusted CA Certificate is required for Two-Factor Authentication to function. The iLO 2 will not allow the 
AUTH_TWOFACTOR_ENABLE setting to be set to Yes if a Trusted CA certificate has not been configured. 
Also, a client certificate must be mapped to a local user account if local user accounts are being used. If 
the iLO 2 is using directory authentication, client certificate mapping to local user accounts is optional. 

To provide the necessary security, the following configuration changes are made when Two-Factor 
Authentication is enabled: 

• Remote Console Data Encryption: Yes (this will disable telnet access) 

• Enable Secure Shell (SSH) Access: No 

• Serial Command Line Interface Status: Disabled 

If telnet, SSH or Serial CLI access is required, re-enable these settings after Two-Factor Authentication is 
enabled. However, because these access methods do not provide a means of Two-Factor Authentication, 
only a single factor is required to access the iLO 2 with telnet, SSH, or serial CLI. 

When Two-Factor Authentication is enabled, access with the CPQLOCFG utility is disabled because 
CPQLOCFG does not supply all authentication requirements. However, the HPONCFG utility is functional, 
since administrator privileges on the host system are required to execute this utility. 

• Example of enabling Two-Factor Authentication: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_TWOFACTOR_SETTINGS> 

<AUTH_TWOFACTOR_ENABLE value=" Yes " /> 

<CERT REVOCATION CHECK value="No"/> 



Using RIBCL 1 1 1 



<CERT_OWNER_SAN/> 

</MOD_TWOFACTOR_SETTINGS> 

</RIB_INFO> 

</LOGIN> 
</RIBCL> 

• Importing a CA and a user certificate example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="test" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_TWOFACTOR_SETTINGS> 

<CERT_OWNER_SAN/> 

< IMPORT_CA_CERT I FI CATE> 
BEGIN CERTIFICATE 

MIIEtzCCA5+gAwIBAgIQBGg9C0d7B5pF/14bVA4 4hjANBgkqhkiG9w0BAQUFADBM 
MRMwEQYKCZImiZPyLGQBGRYDTEFCMRUwEwYKCZImiZPyLGQBGRYFSkpSSUIxH j Ac 

9gVCPSOQUGMMZUeNYOBkTE0e+MrPGL+TqQEyIakF3rjA2 PbLluSY6d4dlCx7izkO 

buEpHTPDqs9gZ3U5ht9bjES93UHnDENLopkZ2JgGwH8Y50eBnjq4xml9psbYZn5Y 

yWpONE / I j I j Jyww= 

END CERTIFICATE 

< / IMPORT_CA_CERT I FI CATE> 

<IMPORT_USER_CERTIFICATE USER_LOGIN="apollo"> 
BEGIN CERTIFICATE 

CZImiZPyLGQBGRYDTEFCMRUwEwYKCZImiZPyLGQBGRYFSkpSSUIxH j AcBgNVBAMT 
0DU5NDRaMFYxEzARBgo Jkia Jk 

sjbbpNGpxGsK9GZi5j 6UeOYklePyau0TJ3KIm2RPlR2C6XAGz2PTWgsxGlUP91NH 
bf z0+TD0JsschjqK2 3/vr2GxQ9C/835zRxdu5Dn8JGm3/dFHR2VxgCetIxyR9TQC 
ZKTfvIa8N9KvMLZdclSj 94 jUyMZ j YYmCWULW8WySMV7 0nclvrsI2hi3nwMtt2Zvj 
WnbeZujBX9LGz3HdmghgUw4GTwY13ZG8 8snuTyXliLPFXVYXvNAhGeWqXtrh7A90 
3NprjG7DMluw 

END CERTIFICATE 

</IMPORT_USER_CERTIFICATE> 

</MOD_TWOFACTOR_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

MOD_TWOFACTOR_SETTINGS parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

AUTH_TWOFACTOR_ENABLE enables or disables Two-Factor authentication. The possible values are 
"Yes" and "No." 

CERT_REVOCATION_CHECK causes iLO 2 to use the CRL distribution point attribute of the client 
certificate to download the CRL and check against revocation. The possible values are "Yes" and "No." If 
this setting is set to Yes, and the CRL cannot be downloaded for any reason, authentication will be 
denied. 

CERTOWNERSAN causes iLO 2 to extract the User Principle Name from the Subject Alternative Name, 
and use that for authentication with the directory, for example: username@domain. extension. 
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CERTOWNERSUBJECT causes iLO 2 to derive the user's distinguished name from the subject name. For 
example, if the subject name is "/DC=com/DC=domain/OU=organization/CN=user," iLO 2 will derive: 
"CN=user,OU=organization,DC=domain,DC=com." 

The CE RT_OWN E R_SAN and CERT_OWNER_SUBJECT settings are only used if directory authentication 
is enabled. 

IMPORT CA CERTIFICATE imports the certificate into iLO 2 as the trusted Certificate Authority. iLO 2 will 
only allow client certificates that are issued by this CA. A Trusted CA certificate must be configured in iLO 
2 for Two-Factor authentication to function. 

IMPORT USER CERTIFICATE imports the certificate into iLO 2 and maps it to the specified local user. Any 
client that authenticates with this certificate will authenticate as the local user to which it is mapped. The 
SHA1 hash of this certificate will be displayed on the Modify User website for the user to whom it is 
mapped. If iLO 2 is using directory authentication, client certificate mapping to local user accounts is 
optional and only necessary if authentication with local accounts is desired. 

The IMPORT_CA_CERTIFICATE and IMPORT_USER_CERTIFICATE settings require that base64-encoded 
certificate data be included between the BEGIN and END tags. 

MOD_TWOFACTOR_SETTINGS runtime errors 

The possible MOD TWOFACTOR SETTINGS error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• This setting cannot be changed while Shared Network port is enabled. 

iLO 2 has been configured to use shared network port, which will not function if Two-factor 
authentication is enabled 

• This setting cannot be enabled unless a trusted CA certificate has been imported. 
A CA certificate must be imported before enabling Two-factor authentication. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 



DIRJNFO 

The DIRJNFO command can only appear within a LOGIN command block. When the command is 
parsed, it reads the local directory information database into memory and prepares to edit it. Only 
commands that are DIRJNFO type commands are valid inside the DIRJNFO command block. The 
DIRJNFO command generates a response that indicates to the host application whether the database 
was successfully read or not. If the database is open for writing by another application, then this call will 
fail. 

DIRJNFO requires the MODE parameter with a value of read or write. MODE is a specific string 
parameter with a maximum length of 10 characters that specifies what you intend to do with the 
information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. 

Example: 

<DIR_INFO MODE="read"> 

DIR_INFO commands 

</DIR INFO 
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GET_DIR_CONFIG 

The GETDIRCONFIG command requests the respective iLO 2 directory settings. For this command to 
parse correctly, the GET DIR CONFIG command must appear within a DIRJNFO command block, and 
DIRJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<DIR_INFO MODE="read"> 

<GET_DIR_CONFIG/> 

</DIR_INFO> 

</LOGIN> 
</RIBCL> 

GET_DIR_CONFIG parameters 

None 

GET_DIR_CONFIG runtime errors 

None 

GET_DIR_CONFIG return messages 

Starting with iLO 2 1 .80, directory integration can work with HP Lights-Out schema with or without 
extensions (schema-free). Depending on your directory configuration, the response to GET DIR CONFIG 
contains different data. 

Possible GET DIR CONFIG return messages are: 

• Example of a directory services (with schema extension) return message: 

<GET_DIR_CONFIG> 

<DIR_AUTHENTICATION_ENABLED VALUE="Y"/> 
<DIR_LOCAL_USER_ACCT VALUE="Y"/> 
<DIR_SERVER_ADDRESS VALUE="adserv . demo . com"/> 
<DIR_SERVER_PORT VALUE=" 63 6 " /> 

<DIR_OBJECT_DN VALUE="CN=SERVER1_RIB, OU=RIB, DC=HPRIB, DC=LABS"/> 

<DIR_USER_C0NTEXT1 VALUE="CN=UsersO , DC=HPRIB0 , DC=LABS"/> 

<DIR_USER_CONTEXT2 VALUE="CN=Usersl , DC=HPRIB1 , DC=LABS"/> 

<DIR_USER_CONTEXT3 VALUE=""/> 

< D I R_ENABLE_GRP_AC C T VALUE="N"/> 
</GET_DIR_CONFIG> 

• Example of a schema-free directory (without schema extension) return message: 

<GET_DIR_CONFIG> 

<D I R_AUTHENT I CAT I ON_ENABLED VALUE= " Y" /> 
<DIR_LOCAL_USER_ACCT VALUE="Y"/> 
<DIR_SERVER_ADDRESS VALUE=" adserv . demo . com" /> 
<DIR SERVER PORT VALUE=" 63 6 " /> 
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<DIR_OBJECT_DN VALUE=""/> 

<DIR_USER_C0NTEXT1 VALUE=' 

<DIR_USER_C0NTEXT2 VALUE=' 

<DIR_USER_C0NTEXT3 VALUE=' 
<DIR_ENABLE_GRP_ACCT VALUE 

< D I R_GRP AC C T 1 _N AME VALUE=' 

<DIR_GRPACCT1_PRIV VALUE=' 

< D I R_GRP AC C T 2 _N AME VALUE=' 

<DIR_GRPACCT2_PRIV VALUE=' 

<D I R_GRPAC C T 3_NAME VALUE=' 

<DIR_GRPACCT3_PRIV VALUE=' 

< D I R_GRP AC C T 4 _N AME VALUE=' 

<DIR_GRPACCT4_PRIV VALUE=' 

<DIR_GRPACCT5_NAME VALUE=' 

<DIR_GRPACCT5_PRIV VALUE=' 

<DIR_GRPACCT6_NAME VALUE=' 

<DIR GRPACCT6 PRIV VALUE=' 



CN=Users, DC=demo, DC=com"/> 
"/> 
"/> 
Y"/> 

CN=iLOAdmins, CN=Users, DC=demo, DC=com"/> 

l,2,3,4,5"/> 

" /> 

" /> 

" /> 

" /> 

" /> 

" /> 

" /> 

" /> 

" /> 

" /> 



</ GET DIR CONFIGXGET DIR CONFIG> 



IMPORT_SSH_KEY 

The IMPORT SSH KEY command imports a SSH KEY and associated iLO 2 user name into iLO 2. This 
command requires CPQLOCFG version 2.27 or later. 

After generating an SSH key using ssh-keygen and creating the key. pub file, you must perform the 
following: 

1. Locate the key. pub file and insert its contents between " BEGIN SSH KEY " and " 

--END SSH KEY ". The file begins with the text ssh-dss or ssh-rsa. 

2. At the end of the key, append a space and the name of a valid iLO 2 user name as displayed on the 
Modify User page. For example: xxx some text_xxx ASmith. 

The user name is case-sensitive and must match the case of the iLO 2 user name to associate the SSH key 
with the correct user. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<RIB_INFO MODE="write"> 
•CIMPORT SSH KEY> 



-BEGIN SSH KEY- 



ssh-dss 

ContentOfYourSSHKeyBALftnNE12JR8T8XQqyzqcltt6FLFRXLRM5PJpOf /IG4hN4 5 
+x+JbaqkhH+aKqFjlf01NjszHrFN2 6HlAhWOjY2bEwj2wlJzBMAhXwnPQelQsCnJDf+ 
zCzbDn+5Va8 6+qWxm01sDEChvZPM6wpjkXvHwuInjxTzOGQTq++vmYlol/AAAAFQClM 
FaZjE9 95QhX9HlDaDzpsVTXvwAAAIA6ec/hAkas2N7 62 j tlHvSuvZaQRzu4 9D0t j XVI 
pNdJAhTC8O2 505PzkGLf 5qhrbDnusclCvoH7DuxyHjeOUVxbC5wFQBcGF4VnpYZ8nGQ 
Gt9TQ0iUV+NRwn4CR5ESoi63zTJIvKIYZDT2ISeXhF2iU6txjZzdeEm7vQz3slaY3dg 
AAAIAQ4 6i 6FBz JAYXziF/ qmWMt4y6SlylOQDAsxPKk7rpxegv8RlTeon/ aeL7ojb9GQ 
2xnEN5gobaNZxKz2d4/ jwg3+qgTDT6VlG+b7+nEI/XHIc717/7oqgiOv4VE3WxN+HE9 
JWsv2 jwUpAzRGqJOoojRG/CCruOK+jgTOf /diloOsw== ASmith 
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END SSH KEY 

</IMPORT_SSH_KEY> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

IMPORT_SSH_KEY parameters 

There are no parameters for this command. 

IMPORT_SSH_KEY runtime errors 

The possible IMPORTSSHKEY error messages include: 

• RIB information is open for read-only access. Write access is required for this operation. 

• Error reading SSH Key: The imported SSH Key is invalid. 

• Invalid iLO user name: The appended user name is not a valid iLO 2 user. 

• No slots are available for storing additional SSH Key. 

MOD_DIR_CONFIG 

The MODDIRCONFIG command modifies the directory settings on iLO 2. For this command to parse 
correctly, the MOD DIR CONFIG command must appear within a DIRJNFO command block, and 
DIRJNFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this 
command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<DIR_INFO MODE="write"> 

<MOD_DIR_CONFIG> 

<DIR_AUTHENTICATION_ENABLED value=" Yes " /> 

<DIR_LOCAL_USER_ACCT value=" Yes " /> 
<!-- For schemaless Directory configuration, ensure that the following 
settings are modified as reguired so that user can logon with Email 
format and Netbios formats successfully : --> 

<!-- 1. DIR_SERVER_ADDRESS value need to be set to directory server DNS 
Name or FQDN (Full gualified Domain Name) --> 

<!-- Please check and update the following iLO Network Settings. --> 

< ! — 1 . The domain name of iLO should match the domain of the directory 

server. --> 

< ! — 2. One of the primary, secondary or teritiary DNS server must have 
the same IP address as the Directory server. --> 

<DIR_SERVER_ADDRESS value="dlilol . mycompu . com" /> 

<DIR_SERVER_PORT value=" 63 6 " /> 

<DIR_OBJECT_DN value="CN=serverl_rib, OU=RIB, DC=mycompu, DC=com"/> 
<DIR_OBJECT_PASSWORD value="password" /> 

<DIR_USER_C0NTEXT_1 value="CN=Users , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_2 value="CN=Users2 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_3 value="CN=Users3 , DC=mycompu, DC=com"/> 
< ! — Firmware support information for next 12 tags --> 
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<! — iL02 1.75 and later — > 

<!-- iLO - None --> 

<!-- Riloe II - None — > 

<DIR_USER_C0NTEXT_4 value="CN=Users4 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_5 value=" CN=Users5 , DC=mycompu , DC=com"/> 

<DIR_USER_C0NTEXT_6 value=" CN=Users 6 , DC=mycompu , DC=com"/> 

<DIR_USER_C0NTEXT_7 value="CN=Users7 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_8 value="CN=Users8 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_9 value=" CN=Users 9 , DC=mycompu , DC=com"/> 

<DIR_USER_CONTEXT_10 value=" CN=Users 1 0 , DC=mycompu , DC=com"/> 

<DIR_USER_C0NTEXT_11 value=" CN=Users 1 1 , DC=mycompu , DC=com"/> 

<DIR_USER_C0NTEXT_12 value="CN=Usersl2 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_13 value=" CN=Users 1 3 , DC=mycompu , DC=com"/> 

<DIR_USER_C0NTEXT_14 value="CN=Usersl4 , DC=mycompu, DC=com"/> 

<DIR_USER_C0NTEXT_15 value=" CN=Users 1 5 , DC=mycompu, DC=com"/> 
<!-- Set the value to "NO" to enable the HP Extended Schema --> 
<!-- and Value "YES" to enable Default Directory Login. --> 
<!-- To set Group Accounts and privileges for Default Schema --> 
<!-- run Mod Schemaless Directory . xml . --> 

<DIR_ENABLE_GRP_ACCT value = "yes"/> 
</MOD_DIR_CONFIG> 
</DIR_INFO> 
</LOGIN> 
</RIBCL> 

NOTE: When using directory integration with schema extension, the following tags must not 
be used: 

• DIR_ENABLE_GRP_ACCT 

• DIR_GRPACCT1 _NAME 
. DIR_GRPACCT1_PRIV 

NOTE: When using schema-free directories, the following tags must not be used: 
. DIR_OBJECT_DN 

• DIR OBJECT PASSWORD 



MOD_DIR_CONFIG parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

DIRAUTHENTICATIONENABLED enables or disables directory authentication. The possible values are 
Yes and No. 

DIR_ENABLE_GRP_ACCT causes iLO 2 to use schema-less directory integration. The possible values are 
Yes and No. 

When using schema-free directory integration, iLO 2 supports variable privileges associated with different 
directory groups. These groups are contained in the directory, and the corresponding member iLO 2 
privileges are stored in iLO 2. 
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• DIRGRPACCT1NAME identifies a group container in the directory, such as Administrators, Users, 
or Power Users. 

• DIRGRPACCT1PRIV numerically identify iLO 2 privileges for members of the group. You can mix 
and match privileges by including more than one value. These privileges are expressed as a comma 
separated list of numbers (1,2,3,4,5) which correlate to: 

1. Administer Group Accounts 

2. Remote Console Access 

3. Virtual Power and Reset 

4. Virtual Media 

5. Configure iLO 2 Settings 

NOTE: When using directory integration with schema extension, the following tags must not 
be used: 

• DIR_ENABLE_GRP_ACCT 

• DIR_GRPACCT1_NAME 

• DIR_GRPACCT1_PRIV 

NOTE: When using schema-free directories, the following tags must not be used: 

• DIR_OBJECT_DN 

• DIR_OBJECT_PASSWORD 

DIR LOCAL USER ACCT enables or disables local user accounts. The possible values are Yes and No. 

DIR SERVER ADDRESS specifies the location of the directory server. The directory server location is 
specified as an IP address or DNS name. 

DIRSERVERPORT specifies the port number used to connect to the directory server. This value is 
obtained from the directory administrator. The secure LDAP port is 636, but the directory server can be 
configured for a different port number. 

DIR OBJECT DN specifies the unique name of iLO 2 in the directory server. This value is obtained from 
the directory administrator. Distinguished names are limited to 256 characters. 

DIR OBJECT PASSWORD specifies the password associated with the iLO 2 object in the directory server. 
Passwords are limited to 39 characters. 

DIR_USER_CONTEXT_l, DIR_USER_CONTEXT_2, and DIR_USER_CONTEXT_3 specify searchable 
contexts used to locate the user when the user is trying to authenticate using directories. If the user could 
not be located using the first path, then the parameters specified in the second and third paths are used. 
The values for these parameters are obtained from the directory administrator. Directory User Contexts are 
limited to 1 28 characters each. 

MOD_DIR_CONFIG runtime errors 

The possible MOD DIR CONFIG error messages include: 

• Directory information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 
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RACK INFO 



The RACKJNFO command can only appear within a LOGIN command block. When the command is 
parsed, it reads the rack infrastructure database into memory and prepares to edit it. Only commands that 
are RACKJNFO type commands are valid inside the RACKJNFO command block. The RACKJNFO 
command generates a response that indicates to the host application whether the database was 
successfully read or not. If the database is open for writing by another application, then this call will fail. 

This command block is only valid on ProLiant BL Class servers. RACKJNFO requires the MODE 
parameter with a value of read or write. MODE is a specific string parameter with a maximum length of 
10 characters that specifies what you intend to do with the information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. 

The possible RACKJNFO error messages include: 

• Invalid Mode. 

• Server is not a rack server; rack commands do not apply. 

Example: 

<RACK_INFO MODE="read"> 

RACK_INFO commands 

</RACK_INFO> 

GET_RACK_SETTINGS 

The GETRACKSETTINGS command requests the respective iLO 2's rack settings. For this command to 
parse correctly, the GET RACK SETTINGS command must appear within a RACKJNFO command block, 
and RACKJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RACK_INFO MODE="read"> 

<GET_RACK_SETTINGS/> 

</RACK_INFO> 

</LOGIN> 
</RIBCL> 

GET_RACK_S ETTI N GS parameters 

None 

GET_RACK_SETTINGS runtime errors 

None 

GET_RACK_SETTINGS return messages 

A possible GET RACK SETTINGS return message is: 

<GET_RACK_SETTINGS> 

<RACK_NAME VALUE="HPspace" /> 
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<ENCLOSURE_NAME VALUE="Home" / > 
<ENCLOSURE_SN VALUE=" 4 4XP0 6 0 6XP33 " /> 
<BAY_NAME VALUE="Library" /> 
<BAY VALUE="2"/> 

<FAC I L I T Y_PWR_SOURCE VALUE= " N " / > 

<RACK_AUTO_PWR VALUE="Y"/> 

<SNMP_RACK_ALERTS VALUE="Y"/> 

<LOG_RACK_ALERTS VALUE="N"/> 
</GET_RACK_SETTINGS > 

GET_DIAGPORT_SETTINGS 

The GETDIAGPORTSETTINGS command requests the respective iLO diagnostic port settings. For this 
command to parse correctly, the GET DIAGPORT SETTINGS command must appear within a 
RACKJNFO command block, and RACKJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RACK_INFO MODE="read"> 

<GET_DIAGPORT_SETTINGS/> 

</RACK_INFO> 

</LOGIN> 
</RIBCL> 

GET_DIAGPORT_SETTINGS parameters 

None 

GET_DIAGPORT_SETTINGS runtime errors 

None 

GET_DIAGPORT_SETTINGS return messages 

A possible GET_DIAGPORT_SETTINGS return message is: 

<GET_DIAGPORT_SETTINGS> 

<DP_SPEED_AUTOSELECT value="No"/> 

<DP_NIC_SPEED value="100"/> 

<DP_FULL_DUPLEX value=" Yes " /> 

<DP_IP_ADDRESS value="192 . 168 . 142 . 56"/> 

<DP_SUBNET_MASK value="255 . 255 . 0 . 0"/> 
</GET_DIAGPORT_SETTINGS > 

MOD_DIAGPORT_SETTINGS 

The MODDIAGPORTSETTINGS command is used modify the diagnostic port network settings on iLO 2. 
For this command to parse correctly, the MOD DIAGPORT SETTINGS command must appear within a 
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RACKJNFO command block, and RACKJNFO MODE must be set to write. The user must have the 
configure iLO 2 privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="username" PASSWORD="password"> 
<RACK_INFO MODE="write"> 
<MOD_DIAGPORT_SETTINGS> 

<DP_SPEED_AUTOSELECT value="No"/> 

<DP_NIC_SPEED value="100"/> 

<DP_FULL_DUPLEX value=" Yes " /> 

<DP_IP_ADDRESS value="192 . 168 . 142 . 56"/> 

<DP_SUBNET_MASK value="255 . 255 . 0 . 0"/> 

</MOD_DIAGPORT_SETTINGS> 

</RACK_INFO> 

</LOGIN> 
</RIBCL> 

MOD_DIAGPORT_SETTINGS parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

DPSPEEDAUTOSELECT is used to automatically select the transceiver speed. The possible values are 
"Yes" or "No." It is case insensitive. 

DP_NIC_SPEED is used to set the transceiver speed if DP_SPEED_AUTOSELECT was set to "No." The 
possible values are 1 0 or 1 00. Any other value results in a syntax error. 

DP FULL DUPLEX is used to decide if the iLO 2 diagnostic port is to support full-duplex or half-duplex 
mode. It is only applicable if DP SPEED AUTOSELECT was set to "No." The possible values are "Yes" or 
"No." It is case insensitive. 

DPJPADDRESS is used to select the IP address for the iLO 2 Diagnostic Port. If an empty string is 
entered, the current address is unchanged. The expected format is XXX. XXX. XXX. XXX. 

DP SUBNET MASK is used to select the subnet mask for the iLO 2 Diagnostic Port. If an empty string is 
entered, the current address is unchanged. The expected format is XXX. XXX. XXX. XXX. 

The iLO 2 management processor will be rebooted to apply the changes after the script has completed 
successfully. 

MOD_DIAGPORT_SETTINGS runtime errors 

Possible MOD_DIAGPORT_SETTINGS error messages include: 

• iLO 2 information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 
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GET_ENCLOSURE_IP_SETTINGS 

GET_ENCLOSURE_IP_SETTINGS requests iLO 2 Static IP Bay Configuration settings. This attribute must 
appear inside the RACKJNFO command block. The RACKJNFO command block can be set to read or 
write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN=" Admin" PASSWORD="password"> 

<RACK_INFO MODE="write"> 

<GET_ENCLOSURE_IP_SETTINGS/> 

</RACK_INFO> 
</LOGIN> 
</RIBCL> 

GET_ENCLOSURE_IP_SETTINGS parameters 

None 

GET_ENCLOSURE_IP_SETTINGS return messages 

A possible GET_ENCLOSURE_IP_SETTINGS return message is: 

<?xml version=" 1 . 0 " ?> 
<RIBCL VERSI0N="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

<GET_ENCLOSURE_IP_SETTINGS> 
<BAY_ENABLE MASK=" 0x0 0 02 " /> 
<IP_ADDRESS VALUE="170 . 100 . 12 . 101"/> 
<SUBNET_MASK VALUE="2 55 .255.255.0"/> 
<GATEWAY_IP_ADDRESS VALUE=" 1 7 0 . 1 0 0 . 12 .254"/> 
<DOMAIN_NAME VALUE=""/> 
<PRIM_DNS_SERVER VALUE="0 . 0 . 0 . 0"/> 
<SEC_DNS_SERVER VALUE="0 . 0 . 0 . 0"/> 
<TER_DNS_SERVER VALUE=" 0 . 0 . 0 . 0 " /> 
<PRIM_WINS_SERVER VALUE="0 . 0 . 0 . 0"/> 
<SEC_WINS_SERVER VALUE="0 . 0.0. 0"/> 
<STATIC_ROUTE_l DESTINATION=" 0 .0.0.0" 

GATEWAY=" 0 . 0 . 0 . 0"/> 
<STATIC_ROUTE_2 DESTINATION=" 0 .0.0.0" 

GATEWAY=" 0 . 0 . 0 . 0"/> 

<STATIC_ROUTE_3 DESTINATION=" 0 .0.0.0" 

GATEWAY=" 0 . 0 . 0 . 0"/> 
</GET_ENCLOSURE_IP_SETTINGS> 
</RIBCL> 
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MOD_ENCLOSURE_IP_SETTINGS 

MOD ENCLOSUREJP SETTINGS modifies the Static IP Bay Configuration settings. This command is only 
valid inside a RACKJNFO block. The logged-in user must have the configure iLO 2 privilege. This 
attribute must appear inside the RACKJNFO command block. The RACKJNFO command block can be 
set to write. 

Modify settings example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN=" Admin" PASSWORD="password"> 
<RACK_INFO MODE="write"> 

<MOD_ENCLOSURE_IP_SETTINGS> 

<BAY_ENABLE MASK=" 0x3FE" / > 

<IP_ADDRESS VALUE="16 . 100 .222 . Ill" /> 

<SUBNET_MASK VALUE="255 . 255 . 252 . 0"/> 

<GATEWAY_IP_ADDRESS VALUE=" 1 6 . 1 0 0 .222 . l"/> 

<DOMAIN_NAME VALUE=" sum . won . here . now" /> 

<PRIM_DNS_SERVER VALUE="16 . 11 . 1 . lll"/> 

<SEC_DNS_SERVER VALUE=""/> 

<TER_DNS_SERVER VALUE=""/> 

<PRIM_WINS_SERVER VALUE=" 16.22.2.222"/> 

<SEC_WINS_SERVER VALUE=""/> 

<STATIC_ROUTE_l DEST="16 . 33.3.33" 

GATEWAY=" 16. 100. 11. 11 "/> 

<STATIC_ROUTE_2 DEST=" " GATEWAY=""/> 

<STATIC_ROUTE_3 DEST=" " GATEWAY=""/> 

</MOD_ENCLOSURE_IP_SETTINGS> 
</RACK_INFO> 
</LOGIN> 
</RIBCL> 

Modify network settings to enable static IP bay configuration example: 

<RIBCL VERSION="2 . 0"> 

<LOGIN USER_LOGIN=" Admin" PASSWORD="password"> 

<RIB_INFO MODE="write"> 

<MOD_NETWORK_SETTINGS> 

<ENCLOSURE_IP_ENABLE VALUE=" Yes " /> 

</MOD_NETWORK_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 

MOD_ENCLOSURE_IP_SETTINGS parameters 

BAY ENABLEMASK enables the use of Static IP Bay Configuration addressing. The attribute MASK is a 
1 6-bit number. Each bit represents a slot in the enclosure. If the bit is set, that particular slot is assigned to 
use the Static IP Bay Configuration settings. The LSB represents slot 1 . For example, the MASK="0x0001 " 
only allows slot 1 to use Static IP Bay Configuration. This number can be either a hexadecimal number or 
a decimal number. This command must appear inside the MOD ENCLOSURE IP SETTINGS block. 
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ENCLOSUREJPENABLE enables or disables the use of Static IP Bay Configuration. This attribute must 
appear inside the MOD NETWORK SETTINGS command block. The possible values are "Y" or "N." It is 
case insensitive. This attribute is only applicable on blade servers. 

MOD_ENCLOSURE_IP_SETTINGS runtime errors 

The possible MOD_ENCLOSURE_IP_SETTINGS error messages include: 

• Rack information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV is required. 

GETTOPOLOGY 

The GETTOPOLOGY command requests the respective iLO 2 to return the current topology of the rack 
infrastructure. For this command to parse correctly, the GET TOPOLOGY command must appear within a 
RACKJNFO command block, and RACKJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RACK_INFO MODE="read"> 

<GET_TOPOLOGY/> 

</RACK_INFO> 

</LOGIN> 
</RIBCL> 

GETJOPOLOGY parameters 

None 

GET_TOPOLOGY return message 

An example of a successful request follows: 

<RK_TPLGY CNT="3"> 
<RUID>xxxxxx</RUID> 

<ICMB ADDR="0xAA55" MFG="232" PROD_ID="NNN" SER="123" NAME=" Power_l "> 
<LEFT/> 

<RIGHT ADDR="0xAB66" SER="123" NAME= " S e rve r_l " / > 

</ICMB> 

<ICMB ADDR="0xAB66" MFG="232" PROD_ID="NNN" SER="456" NAME= " S e rve r_l " > 
<LEFT ADDR="0xAA55" SER="123" NAME=" Power_l "/> 
<RIGHT ADDR="0xAC77" SER="123" NAME=" Power_2 "/> 
</ICMB> 

<ICMB ADDR="0xAC77" MFG="232" PROD_ID="NNN" SER="789" NAME= " Powe r_2 " > 

<RIGHT/> 

</ICMB> 

</RK_TPLGY> 

MOD_BLADE_RACK 

MODBLADERACK command is used to modify the rack infrastructure settings. For this command to 
parse properly, the MOD BLADE RACK command must appear within a RACKJNFO command block, 
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and RACKJNFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute 
this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RACK_INFO MODE="write"> 

<MOD_BLADE_RACK> 

< RAC K_N AME va 1 u e = " C PQ_Ra c k_ 1 " / > 

<ENCLOSURE_NAME value="CPQ_Enclosure_l "/> 

<BAY_NAME value="CPQ_Bay_5 " /> 

<FACILITY_PWR_SOURCE value=" Yes " /> 

<RACK_AUTO_PWR value=" Yes " /> 

<SNMP_RACK_ALERTS value=" Yes " /> 

<LOG_RACK_ALERTS value=" Yes " /> 

</MOD_BLADE_RACK> 

</RACK_INFO> 

</LOGIN> 
</RIBCL> 

MOD_BLADE_RACK parameters 

All of the following parameters are optional. If a parameter is not specified, then the parameter value for 
the specified setting is preserved. 

RACK_NAME is the name used to logically group together enclosures in a single rack infrastructure. This 
parameter can be a combination of any printable characters up to a maximum length of 31 characters. 

ENCLOSURENAME is the name used to logically group together the ProLiant BL-Class servers that 
compose a single enclosure. This parameter can be a combination of any printable characters up to a 
maximum length of 31 characters. 

BAYNAME is the name used to identify a particular ProLiant BL-Class server. This parameter can be a 
combination of any printable characters up to a maximum length of 31 characters. 

FACILITY PWR SOURCE determines the source of power for the blade servers. A value of "Yes" directs 
the server to use facility power and a value of "No" directs the server to use the server blade power 
supplies. 

RACK_AUTO_PWR determines if the blade server should automatically power when inserted into the 
enclosure. A value of "Yes" causes the blade server to automatically power up and begin normal booting 
process if power is available. A value of "No" requires the blade server to be manually powered on. 

SNMPRACKALERTS determines if alerts from the rack infrastructure should be forwarded to user-defined 
SNMP trap destinations. A value of "Yes" enables rack alerts to be forwarded. A value of "No" disables 
rack alerts from being forwarded. 

LOG_RACK_ALERTS determines if alerts from the rack infrastructure should be logged. A value of "Yes" 
enables rack alerts to be logged in the IML log. A value of "No" disables the logging of rack alerts in the 
IML log. 
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MOD_BLADE_RACK runtime errors 

The possible MODBLADERACK error messages include: 

• Rack information is open for read-only access. Write access is required for this operation. 

• Rack Name too long. 

• Enclosure Name too long. 

• Bay Name too long. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

SERVERJNFO 

The SERVERJNFO command can only appear within a LOGIN command block. Only commands that are 
SERVERJNFO type commands are valid inside the SERVERJNFO command block. 

SERVERJNFO requires the MODE parameter with a value of read or write. MODE is a specific string 
parameter with a maximum length of 10 characters that specifies what you intend to do with the 
information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. 

Example: 

<SERVER_INFO MODE="read"> 

SERVER_INFO commands 

</SERVER_INFO> 

Reset server example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<RESET_SERVER/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

Set host power example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<SERVER_INFO MODE="write"> 

<!-- Modify the HOST_POWER attribute to toggle power on the host 
server --> 

<!-- HOST_POWER="No" (Turns host server power off) --> 

<!-- A graceful shutdown will be attempted for ACPI-aware — > 

<!-- operating systems configured to support graceful shutdown. --> 

<!-- HOST_POWER="Yes" (Turns host server power on) --> 

<SET_HOST_POWER HOST_POWER="No" /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 
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GET SERVER NAME 



The GETSERVERNAME command is used to retrieve the host server name used by the iLO 2. You can 
set this parameter using several methods, including the SERVERNAME command, host RBSU, iLO 2 
browser-based interface, and loading HP ProLiant Management Agents. 

This command is supported by iLO 2 firmware version 1 .30 or later. It is not supported by iLO or RILOE II. 

Example: 

<RIBCL version="2 .21"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<SERVER_INFO MODE="READ" > 

< GE T_S E RVE R_N AME /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

iLO 2 maintains consistency between the various places the server name is used. The host RBSU has a 
two-line limitation of 14 characters each, or 28 characters of total server name text length. 

Normally, HP ProLiant Management Agents are used to forward the server name attribute to iLO 2. This 
command can be used in instances where management agents are not used. However, the host operating 
system remains unaffected. 

GET_S E RVE R_N AME return message 

GET SERVER NAME returns the currently stored server name, if available. The server name is a quoted 
ASCII string and cannot be a network name. For example: 

< S E RVE R_N AME VALUE="Linux Development Host" /> 

GET_S E RVE R_N AME runtime errors 

None 

SERVER_NAME 

The SERVER NAME command is used to assign the Server Name attribute shown in the user interface and 
host RBSU. This setting is not forwarded to the host operating system and does not affect the host 
operating system. 

You must have the configure iLO 2 privilege to alter this attribute using the scripting interface. The 
SERVERJNFO section must be set to WRITE mode or an error is returned. 

Example: 

<RIBCL version="2 .21"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<SERVER_INFO MODE="write" > 

< S E RVE R_N AME VALUE = "Exchange05" /> 
</SERVER_INFO> 
•c/LOGIN 

SERVER_NAME parameters 

VALUE is a quoted ASCII string less than 50 characters in total length. 
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SERVER_NAME return message 

There is no specific return message if this attribute is successfully set. 

SERVER_NAME runtime errors 

• If the configure iLO settings privilege is absent, a runtime error is returned. 

• If SERVERJNFO is not opened for write, a runtime error is returned. 

GET_EMBEDDED_HEALTH 

GET EMBEDDED HEALTH command is used to retrieve health information of the server. For this command 
to parse correctly, the GET_EMBEDDED_HEALTH command must appear within a SERVERJNFO 
command block. You can set SERVERJNFO MODE to read or write. 

Example: 

<RIBCL VERSI0N="2 .21"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="read"> 

<GET_EMBEDDED_HEALTH /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 



GET_EMBEDDED_HEALTH parameters 

None 



GET_EMBEDDED_HEALTH return messages 

A possible GET_EMBEDDEDJHEALTH_DATA return message is: 

IP Address is: 16.100.000.192 
cpqlocfg.exe: Receiving (116) : 
<?xml version=" 1 . 0 " ?> 
<RIBCL VERSION="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

</RIBCL> 

cpqlocfg.exe: Receiving (116) : 
<?xml version="l . 0"?> 
<RIBCL VERSION="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

<GET_EMBEDDED_HEALTH_DATA> 
<FANS> 

<FAN> 

< LABEL VALUE = "Fan Block l"/> 
<ZONE VALUE = "Power Supply" /> 
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<STATUS VALUE = "Ok"/> 

<SPEED VALUE = "25" UNIT=" Percentage" /> 
</FAN> 
<FAN> 

< LABEL VALUE = "Fan Block 2"/> 
<ZONE VALUE = "CPU 2"/> 
<STATUS VALUE = "0k"/> 

<SPEED VALUE = "37" UNIT="Percentage" /> 
</FAN> 
</FANS> 
<TEMPERATURE> 
<TEMP> 

< LABEL VALUE = "Temp l"/> 
<LOCATION VALUE = "I/O Board" /> 
<STATUS VALUE = "0k"/> 

<CURRENTREADING VALUE = "29" UNIT="Celsius " /> 
<CAUTION VALUE = "65" UNIT="Celsius " /> 
<CRITICAL VALUE = "70" UNIT=" Celsius " /> 

</TEMP> 

<TEMP> 

< LABEL VALUE = "Temp 2"/> 
<LOCATION VALUE = "Ambient" /> 
<STATUS VALUE = "Failed"/> 

<CURRENTREADING VALUE = "66" UNIT=" Celsius " /> 
<CAUTION VALUE = "40" UNIT="Celsius" /> 
<CRITICAL VALUE = "45" UNIT=" Celsius " /> 

</TEMP> 

<TEMP> 

< LABEL VALUE = "Temp 3"/> 
<LOCATION VALUE = "CPU l"/> 
<STATUS VALUE = "Ok"/> 

<CURRENTREADING VALUE = "36" UNIT=" Celsius " /> 
<CAUTION VALUE = "90" UNIT="Celsius " /> 
<CRITICAL VALUE = "95" UNIT=" Celsius " /> 

</TEMP> 

<TEMP> 

< LABEL VALUE = "Temp 4"/> 
<LOCATION VALUE = "CPU l"/> 
<STATUS VALUE = "Ok"/> 

<CURRENTREADING VALUE = "32" UNIT=" Celsius " /> 
<CAUTION VALUE = "90" UNIT="Celsius " /> 
<CRITICAL VALUE = "95" UNIT=" Celsius " /> 

</TEMP> 

<TEMP> 



< LABEL VALUE = "Temp 5"/> 
<LOCATION VALUE = "Power Supply" /> 
<STATUS VALUE = "Ok"/> 

"CCURRENTREADING VALUE = "32" UNIT=" Celsius " /> 

<CAUTION VALUE = "51" UNIT="Celsius " /> 

•CCRITICAL VALUE = "56" UNIT="Celsius " /> 

</TEMP> 
</TEMPERATURE> 
<VRM> 
</VRM> 

<POWER_SUPPLIES> 

</POWER_SUPPLIES> 

<HEALTH_AT_A_GLANCE> 

<FANS STATUS= "Ok"/> 

<FANS REDUNDANCY= "Fully Redundant" /> 

<TEMPERATURE STATUS= "FAILED" /> 

<VRM STATUS= "Ok"/> 

<POWER_SUPPLIES STATUS= "Ok"/> 

<POWER_SUPPLIES REDUNDANCY= "unknown" /> 
< / HE AL T H_AT_A_G LAN C E > 
</GET_EMBEDDED__HEALTH_DATA> 
</RIBCL> 

cpqlocfg.exe: Script succeeded on "16.100.000.192:000" 

GET_POWER_READINGS 

The GETPOWERREADINGS command is used to get the power readings from the server power supply. 

GET_POWER_READINGS parameters 

None 

GET_POWER_READINGS return messages 

Two types of responses are available from the GET POWER READINGS command, depending on 
whether or not an advanced license is applied. 

If an advanced license is not applied, then a typical response is: 

<?xml version="l . 0"?> 
<RIBCL VERSION="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

<GET_POWER_READINGS> 

<PRESENT_POWER_READING VALUE="275" UNIT="Watts " /> 
< ! -- 

Additional information is available with iLO 2 Advanced and iLO 2 Select 

licenses . 

--> 

</GET_POWER_READINGS> 
</RIBCL> 
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cpqlocfg.exe: Script succeeded on "16.100.100.100:100" 

If an advanced license is applied, a typical response is: 

<?xml version=" 1 . 0 " ?> 
<RIBCL VERSION="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

<GET_POWER_READINGS> 

<PRESENT_POWER_READING VALUE="275" UNIT="Watts " /> 
<AVERAGE_POWER_READING VALUE="278" UNIT="Watts " /> 
<MAXIMUM_POWER_READING VALUE="283" UNIT="Watts " /> 
<MINIMUM_POWER_READING VALUE="270" UNIT="Watts " /> 
</GET_POWER_READINGS> 
</RIBCL> 

GET_POWER_CAP 

The GETPOWERCAP command is used to get the power cap of the server. For this command to parse 
correctly, the GET POWER CAP command must appear within a SERVERJNFO command block, and 
SERVERJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSION="2 .21"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="read"> 

<GET_POWER_CAP/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

GET_POWER_CAP parameters 

None 

GET_POWER_CAP return messages 

A cap value of zero indicates that a power cap is not currently set on the server. A typical response is: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="read"> 

<GET_POWER_CAP /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

SET_POWER_CAP 

The SETPOWERCAP command is used to set a power cap on the server. For this command to parse 
correctly, the SET POWER CAP command must appear within a SERVERJNFO command block, and 
SERVERJNFO MODE must be set to write. You must have the configure iLO 2 privilege to execute this 
command. 
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You cannot set this property if a dynamic power cap is set for the server. Dynamic power capping is set 
and modified using either Onboard Administrator or Insight Power Manager. 

Example of disabling the power cap: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<SET_POWER_CAP POWER_CAP=" 3 0 0 " /> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

SET_POWER_CAP parameters 

SETPOWERCAP POWER CAP is the power cap on the server. Valid power cap values are determined 
using a power test run on the server at boot. The possible values are 0 to disable the power cap, or a 
numeric value in watts (as determined in the power test.) 

SET_POWER_CAP runtime errors 

The possible SET POWER CAP error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• Power Regulator feature is not supported on this server. 

• User does not have correct privilege for action. 

• The power cap value is invalid. 

GET_HOST_POWER_SAVER_STATUS 

The GET HOST POWER SAVER STATUS command requests the state of the processor power regulator 
feature of the server. For this command to parse correctly, the GET_HOST_POWER_SAVER_STATUS 
command must appear within a SERVERJNFO command block. You can set SERVERJNFO MODE to 
read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<GET_HOST_POWER_SAVER_STATUS/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

GET_HOST_POWER_SAVER_STATUS parameters 

None 

GET_HOST_POWER_SAVER_STATUS runtime errors 

The possible GET_HOST_POWER_SAVER_STATUS error messages include: 
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• Feature not supported 

GET_HOST_POWER_SAVER_STATUS return messages 

The following information is returned within one of the following responses: 

• <GET_HOST_POWER_SAVER 

HOST POWER_SAVER="OFF" 

/> 

• <GET_HOST_POWER_SAVER 

HOST POWER_SAVER="MIN" 

/> 

• <GET_HOST_POWER_SAVER 

HOST POWER_SAVER="AUTO" 

/> 

S ET_H OST_PO WE R_S AVE R 

The SETHOSTPOWERSAVER command is used to set the Power Regulator Setting for the server 
processor. For this command to parse correctly, the SET HOST POWER SAVER command must appear 
within a SERVERJNFO command block, and SERVERJNFO MODE must be set to write. The user must 
have the virtual power and reset privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<SERVER_INFO MODE="write"> 

<SET_HOST_POWER_SAVER HOST_POWER_SAVER=" 1 " /> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

SET_HOST_POWER_SAVER parameters 

The HOST POWER SAVER command controls the Dynamic Power Saver feature of the server processor if 
the feature is supported. The possible values are: 

• 1 —Operating system control mode 

• 2— HP Static Low Power mode 

• 3— HP Dynamic Power Savings mode 

• 4— HP Static High Performance mode 

SET_HOST_POWER_SAVER runtime errors 

The possible SET HOST POWER error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• Power Regulator feature is not supported on this server. 



Using RIBCL 133 



• User does not have correct privilege for action. RESET SERVER PRIV required. 

GET_HOST_POWER_REG_INFO 

The GETHOSTPOWERREGJNFO command requests iLO 2 power regulator information. For this 
command to parse correctly, the GETHOSTPOWERREGJNFO command must appear within a 
SERVERJNFO command block, and SE RVE R_l N FO_MODE must be set to read. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="read"> 

<GET_HOST_POWER_REG_INFO/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

GET_HOST_POWER_REG_INFO parameters 

None 

GET_HOST_POWER_REG_INFO runtime errors 

GETHOSTPOWERREGJNFO returns a runtime error if an iLO 2 Advanced License is not found. For 
example: 

<RIBCL VERSI0N="2 .22"> 

<RESPONSE 
STATUS="0x0043" 

MESSAGE= ' This feature requires an advanced license' 
/> 

</RIBCL> 

GET_HOST_POWE R_REG_I N FO return messages 

The GET_HOST_POWER_REG_INFO command returns all data available at the time of the request. If the 
request occurs within the first five minutes of a system or iLO 2 reset or power cycle, only a limited amount 
of data is available. 

A possible GETHOSTPOWERREGJNFO return message within the five minutes of a system or iLO 2 
reset or power cycle is: 

<GET_HOST_POWER_REG_INFO> 
<NumberProcessors>0< /Number Processor s> 
<NumberPstates>0< /Number Pstates> 
</GET_HOST_POWER_REG_INFO> 

A possible GETHOSTPOWERREGJNFO return message when all data is available is: 

<GET_HOST_POWER_REG_INFO> 
<NumberProcessors>2< /Number Processor s> 
<NumberPstates>3< /Number Pstates> 
<ProcessorO> 

<CurrentPstate>2</ CurrentPstate> 
<PstateO> 

<TotalAverage>34 . 3</TotalAverage> 
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</PstateO> 
<Pstatel> 

<TotalAverage>0</TotalAverage> 

</Pstatel> 

<Pstate2> 

<TotalAverage>65 . 7</TotalAverage> 

</Pstate2> 

<Pstate3> 

<TotalAverage>0</TotalAverage> 
</Pstate3> 



<Pstate7> 

<TotalAverage>0</TotalAverage> 

</Pstate7> 

</ProcessorO> 

<Processorl> 

<CurrentPstate>2</ CurrentPstate> 
<PstateO> 

<TotalAverage>34 . 3</TotalAverage> 

</PstateO> 

<Pstatel> 

<TotalAverage>0</TotalAverage> 

</Pstatel> 

<Pstate2> 

<TotalAverage>65 . 7</TotalAverage> 

</Pstate2> 

<Pstate3> 



<Pstate7> 

<TotalAverage>0</TotalAverage> 

</Pstate7> 

</Processorl> 

</GET_HOST_POWER_REG_INFO> 

GET_HOST_POWER_STATUS 

The GET HOST POWER STATUS command requests the power state of the server. For this command to 
parse correctly, the GET_HOST_POWER_STATUS command must appear within a SERVERJNFO 
command block. You can set SERVERJNFO MODE to read or write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<GET_HOST_POWER_STATUS/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

GET_HOST_POWER_STATUS Parameters 

None 
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GET_HOST_POWER_STATUS Runtime Errors 

The possible GET HOST POWER STATUS error messages include: 

• Host power is OFF. 

• Host power is ON. 

GET_HOST_POWER_STATUS Return Messages 

The following information is returned within the response: 

<GET_HOST_POWER 

HOST POWER="OFF" 

/> 

SET_HOST_POWER 

The SETHOSTPOWER command is used to toggle the power button of server. For this command to 
parse correctly, the SET HOST POWER command must appear within a SERVERJNFO command block, 
and SERVERJNFO MODE must be set to write. The user must have the virtual power and reset privilege 
to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<SET_HOST_POWER HOST_POWER=" Yes " /> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

SET_HOST_POWER Parameters 

HOST POWER enables or disables the Virtual Power Button. The possible values are "Yes" or "No." 

SET_HOST_POWER Runtime Errors 

The possible SET HOST POWER error messages include: 

Server information is open for read-only access. Write access is required for this operation. 
Virtual Power Button feature is not supported on this server. 
Host power is already ON. 
Host power is already OFF. 

User does not have correct privilege for action. RESET SERVER PRIV required. 

GET_HOST_PWR_MICRO_VER 

The GETHOSTPWR MICROVER command toggles the power button of server. For this command to 
parse correctly, the GET_HOST_PWR_MICRO_VER command must appear within a SERVERJNFO 
command block, and SERVERJNFO must be set to read. 
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Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="admin" PASSWORD="adminl23"> 

<SERVER_INFO MODE="read"> 

<GET_HOST_PWR_MICRO_VER/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

GET_HOST_PWR_MICRO_VER parameters 

None 

GET_HOST_PWR_MICRO_VER runtime errors 

The possible GET_HOST_PWR_MICRO_VER error messages include: 

• Error if the power micro cannot be read (hardware problem). 

• Power Of f if the server is powered off. 

• N/A if the server does not support a power micro. 

GET_HOST_PWR_MICRO_VER return messages 

• No errors and displays version information: 

<GET_HOST_PWR_MICRO_VER> 

<PWR_MICRO VERSI0N="2 . 3"/> 
</GET_HOST_PWR_MICRO_VER> 

• Server powered off: 

<GET_HOST_PWR_MICRO_VER> 

<PWR_MICRO VERSION="OFF"/> 
</GET_HOST_PWR_MICRO_VER> 

• Power micro not supported on the server: 

<GET_HOST_PWR_MICRO_VER> 

<PWR_MICRO VERS ION= "N/A" /> 
</GET_HOST_PWR_MICRO_VER> 

• Failed to read power micro version: 

<GET_HOST_PWR_MICRO_VER> 

<PWR_MICRO VERSION="Error"/> 
</GET_HOST_PWR_MICRO_VER> 

GET_PWREG_CAPABILITIES 

The GET_PWREG_CAPABILITIES command requests iLO 2 power regulator information related to system 
power minimum and maximum values, power supply type and capacity, and power microprocessor 
firmware version. For this command to parse correctly, the GET_PWREG_CAPABILITIES command must 
appear within a SERVERJNFO command block, and SERVERJNFO MODE must be set to read. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
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<SERVER_INFO MODE="read"> 

<GET_PWREG_CAPABILITIES/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

GET_PWREG_CAPABI LITI ES parameters 

None 

GET_PWREG_CAPABI LITI ES runtime errors 

The possible GET_PWREG_CAPABILITIES error messages include: 

• Error if the power micro cannot be read (hardware problem). 

• Power Off if the server is powered off. 

• N/A if the server does not support a power micro. 



GET_PWREG_CAPABILITIES return messages 

<GE T_PWRE G_C APAB ILITIES> 

<FWVERSI0N>"1 . 77"</FWVERSION> 

<THRD ID="0" S0CKET="1" CORE="0" THREAD="0"/> 
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<QS Q="4" 


P= 


ii ^ 11 


L="75"/> 




<QS Q="5" 


P= 


ii " 


L="75"/> 




<QS Q="6" 


P= 


ii " 


L="75"/> 




<QS Q="7" 


P= 


ii " 


L="75"/> 




<QS Q="8" 


P= 


"i" 


L="75"/> 




<THRD ID= 


'3" 


S0CKET="1" C0RE="3" 


THREAD="0"/> 


<QS Q="0" 


P= 


"0" 


L="100"/> 




<QS Q="l" 


P= 


"1" 


L="75"/> 




<QS Q="2" 


P= 


"1" 


L="75"/> 




<QS Q="3" 


P= 


"1" 


L="75"/> 




<QS Q="4" 


P= 


"1" 


L="75"/> 




<QS Q="5" 


P= 


"1" 


L="75"/> 




<QS Q="6" 


P= 


II -j^ " 


L="75"/> 




<QS Q="7" 


P= 


II -j^ " 


L="75"/> 




<QS Q="8" 


P= 


II -j^ " 


L="75"/> 




EFFICIENCY 


MODE 


INDEX="0" NAME= 


"OSC">"OS Control "</EFFICIENCY 



<EFFICIENCY_MODE INDEX="1" NAME="MIN">"Low_Power"</EFFICIENCY_MODE> 

<EFFICIENCY_MODE INDEX="2" NAME="DYN">" Dynamic "</EFFICIENCY_MODE> 

<EFFICIENCY_MODE INDEX="3" NAME="MAX">"Max_Power"</EFFICIENCY_MODE> 

<HISTORY SIZE="288" INTERVAL="30 0" TRACE="10"/> 

<BUSYMAXPWR>2 03</BUSYMAXPWR> 

< I DLEMAXPWR> 1 6 8 < / 1 DLEMAXPWR> 

<ECAP/> 

<TEMP/> 

<CPU/> 

<PWRSPLY TYPE="AC" CAPACITY=" 8 0 0 " /> 

<PWRALERT VERSION="0"/> 

<PWR MICRO VERSION="3 . 3"/> 
< / GE T_PWRE G_C APAB ILITIES> 

RESET_SERVER 

The RESETSERVER command will force a warm boot of the server, if the server is currently on. For this 
command to parse correctly, the RESET SERVER command must appear within a SERVERJNFO command 
block, and SERVERJNFO MODE must be set to write. The user must have the virtual power and reset 
privilege to execute this command. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<RESET_SERVER/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 
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RESET_SERVER errors 

The possible RESETSERVER error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• Server is currently powered off. 

• User does NOT have correct privilege for action. RESETSERVERPRIV required. 

RESET_SERVER parameters 

None 

PRESS_PWR_BTN 

This PRESS_PWR_BTN command is used to simulate a physical press of the server power button. For this 
command to parse correctly, the PRESS_PWR_BTN command must appear within a SERVERJNFO 
command block, and SERVERJNFO MODE must be set to write. The user must have the virtual power 
and reset privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<PRESS_PWR_BTN/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

PRESS_PWR_BTN parameters 

There are no parameters for this command. 

PRESS_PWR_BTN runtime errors 

The possible error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. RESET SERVER PRIV required. 

HOLD_PWR_BTN 

This HOLDPWRBTN command is used to simulate a physical press and hold of the server power button. 
For this command to parse correctly, the HOLD PWR BTN command must appear within a SERVERJNFO 
command block, and SERVERJNFO MODE must be set to write. The user must have the virtual power 
and reset privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
<SERVER_INFO MODE="write"> 
<HOLD PWR BTN/> 
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</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

HOLD_PWR_BTN parameters 

There are no parameters for this command. 

HOLD_PWR_BTN runtime errors 

The possible error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• User does not have correct privilege for action. RESETSERVERPRIV required. 

COLD_BOOT_SERVER 

This COLDBOOTSERVER command will force a cold boot of the server, if the server is currently on. For 
this command to parse correctly, the COLD BOOT SERVER command must appear within a 
SERVERJNFO command block, and SERVERJNFO MODE must be set to write. The user must have the 
virtual power and reset privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<COLD_BOOT_SERVER/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

COLD_BOOT_SERVER parameters 

There are no parameters for this command. 

COLD_BOOT_SERVER runtime errors 

The possible error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• Host power is already OFF. 

• User does not have correct privilege for action. RESET SERVER PRIV required. 

WARM_BOOT_S E RVE R 

This WARMBOOTSERVER command will force a warm boot of the server, if the server is currently on. 
For this command to parse correctly, the WARM BOOT SERVER command must appear within a 
SERVERJNFO command block, and SERVERJNFO MODE must be set to write. The user must have the 
virtual power and reset privilege to execute this command. 

Example: 

<RIBCL VERSI0N="2 . 0"> 
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<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<WARM_BOOT_SERVER/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

WARM_BOOT_S E RVE R parameters 

There are no parameters for this command. 

WARM_BOOT_S E RVE R runtime errors 

The possible error messages include: 

• Server information is open for read-only access. Write access is required for this operation. 

• Host power is already OFF. 

• User does not have correct privilege for action. RESET SERVER PRIV required. 

SERVER_AUTO_PWR 

The SERVER_AUTO_PWR command is used to set the automatic power on and power on delay settings of 
the server. 

This command is supported by iLO 2 firmware version 1 .20 or later. It is not supported by iLO firmware 
or RILOE II. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<SERVER_INFO MODE="write"> 

< ! — Enable automatic power on with 30 seconds delay --> 

<SERVER_AUTO_PWR VALUE="30" /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

SERVER_AUTO_PWR parameters 

The possible values are: 

• Yes enables automatic power on with a minimum delay. 

• No disables automatic power on. 

• 15 enables automatic power on with 1 5-second delay. 

• 30 enables automatic power on with 30-second delay. 

• 4 5 enables automatic power on with 45-second delay. 

• 60 enables automatic power on with 60-second delay. 

• Random enables automatic power on with random delay up to 60-second. 
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SERVER_AUTO_PWR runtime errors 

The possible error messages include: 

• User does not have correct privilege for action. RESETSERVERPRIV required. 

• The value specified for SERVER_AUTO_PWR is invalid. 

GET_S E RVE R_AUTO_P WR 

The GET_SERVER_AUTO_PWR command is used to get the automatic power on and power on delay 
settings of the server. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<SERVER_INFO MODE="read"> 

<GET_SERVER_AUTO_PWR /> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

GET_S E RVE R_AUTO_PWR parameters 

None 

GET_S E RVE R_AUTO_PWR return message 

A possible GET_SERVER_AUTO_PWR return is: 

<?xml version="l . 0"?> 
<RIBCL VERSI0N="2 .22"> 
<RESPONSE 

STATUS="0x0000" 

MESSAGE= ' No error' 

/> 

<GET_SERVER_AUTO_PWR> 
< ! — 

Automatically Power On Server is enabled 

with 30 seconds power on delay. 
--> 

<SERVER_AUTO_PWR VALUE="30" /> 

</GET_SERVER_AUTO_PWR> 

</RIBCL> 

GET_UID_STATUS 

The GETUIDSTATUS command requests the state of the server UID. For this command to parse correctly, 
the GET UID STATUS command must appear within a SERVERJNFO command block. You can set 
SERVERJNFO MODE to read or write. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
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<SERVER_INFO MODE="write"> 

<GET UID_STATUS /> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

GET_UID_STATUS parameters 

None 

GET_UID_STATUS response 

The following information is returned within the response: 

<GET_UID_STATUS 

UID="OFF" 

/> 

UID_CONTROL 

The UIDCONTROL command toggles the server UID. For this command to parse correctly, the 
UID_CONTROL command must appear within a SERVE RJNFO command block, and SERVE RJNFO 
MODE must be set to write. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<SERVER_INFO MODE="write"> 

<UID_CONTROL UID="Yes"/> 

</SERVER_INFO> 

</LOGIN> 
</RIBCL> 

UID_CONTROL parameters 

UID determines the state of the UID. A value of "Yes" turns the UID light on, and a value of "No" turns the 
UID light off. 

UID_CONTROL errors 

The possible UID CONTROL error messages include: 

• UID is already ON. 

• UID is already OFF. 

GET_VPB_CABLE_STATUS (RILOE II only) 

The GET_VPB_CABLE_STATUS to return the status of the Virtual Power Button cable that may be connected 
to a RILOE II board. For this command to parse correctly, the GET VPB CABLE STATUS command must 
appear within a SERVERJNFO command block. You can set SERVERJNFO MODE to read or write. 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="adminname" PASSWORD="password"> 
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<SERVER_INFO MODE="read"> 

<GET_VPB_CABLE_STATUS/> 

</SERVER_INFO> 
</LOGIN> 
</RIBCL> 

GET_VPB_CABLE_STATUS parameters 

None 

GET_VPB_CABLE_STATUS Runtime Errors 

The possible GET VPB CABLE STATUS error messages include: 

• Virtual Power Button cable is attached. 

• Virtual Power Button cable is not attached. 

GET_VPB_CABLE_STATUS return messages 

A possible GET_VPB_CABLE_STATUS return message is: 

<RIBCL VERSI0N="2 .22"> 

<RESPONSE 
STATUS="0x0000" 
MESSAGE= ' No error' 

/> 

<GET_VPB_CABLE> 

<VIRTUAL POWER BUTTON CABLE="ATTACHED" / > 

</GET_VPB_CABLE> 
</RIBCL> 

SSOJNFO 

The SSO_INFO MODE command can only appear within a LOGIN command block. Only commands 
that are SSOJNFO MODE-type commands are valid inside the SSOJNFO MODE command block. 

SSOJNFO MODE requires the MODE parameter with a value of read or write. MODE is a specific string 
parameter with a maximum length of 10 characters that specifies what you intend to do with the 
information. 

Write mode enables both reading and writing of iLO 2 information. Read mode prevents modification of 
the iLO 2 information. You must have the Configure iLO 2 privilege to execute this command. 

Example: 

<SSO_INFO MODE="write"> 

SSO_INFOcommands 

</SSO_INFO> 

Deleting a SSO HP SIM Server Record by index number example: 

<RIBCL VERSION="2 . 0"> 

<LOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<SSO_INFO MODE="write"> 

<DELETE SERVER INDEX="6" /> 
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</SSO_INFO> 
</LOGIN> 
</RIBCL> 



SSO_INFO is only supported on licensed, iLO 2 vl .30 firmware. If iLO 2 is not licensed, you can still 
modify these settings. iLO 2 does not return an error. However, any SSO attempt is rejected if a license is 
not present. See the HP Integrated Lights-Out 2 User Guide for more information. 



GET_SSO_SETTINGS 

GET_SSO_SETTINGS command is used to retrieve SSO settings for iLO 2. For this command to parse 
correctly, the GET_SSO_SETTINGS command must appear within a SSOJNFO command block, and 
SSOJNFO MODE can be set to read or write. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<SSO_INFO MODE="read"> 

<GET_SSO_SETTINGS/> 

</SSO_INFO> 
</LOGIN> 
</RIBCL> 



GET_SSO_SETTINGS parameters 

None 



GET_SSO_SETTINGS return messages 



The following is an example of an SSO settings response from a configured iLO 2. There are 0 or more 
SSO_SERVER records reflecting the number of stored server records in each. 

<GET_SSO_SETTINGS> 

<TRUST_MODE VALUE= " CERT I F I CATE " /> 
<USER_ROLE LOGIN_PRIV="Y" /> 
<USER_ROLE REMOTE_CONS_PRIV="N" /> 
<USER_ROLE RESET_SERVER_PRIV="N" /> 
<USER_ROLE VIRTUAL_MEDIA_PRIV="N" /> 
<USER_ROLE CONFIG_ILO_PRIV="N" /> 
<USER_ROLE ADMIN_PRIV="N" /> 
<OPERATOR_ROLE LOGIN_PRIV=" Y" /> 
<OPERATOR_ROLE REMOTE_CONS_PRIV=" Y" /> 
<OPERATOR_ROLE RESET_SERVER_PRIV=" Y" /> 
<OPERATOR_ROLE V I RTUAL_ME D I A_PR I V= " Y " /> 
<OPERATOR_ROLE CONFIG_ILO_PRIV="N" /> 
<OPERATOR_ROLE ADMIN_PRIV="N" /> 
<ADMINISTRATOR_ROLE LOGIN_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE REMOTE_CONS_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE RESET_SERVER_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE VIRTUAL_MEDIA_PRIV="Y" /> 
<ADMINISTRATOR_ROLE CONFIG_ILO_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE ADMIN_PRIV=" Y" /> 
<SSO_SERVER INDEX="0" 

ISSUED_TO="viv . hp . com" 

ISSUED_BY="viv . hp . com" 

VALID FROM="061108192059Z" 
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VALID_UNTIL="1 611081 92059Z"> 
BEGIN CERTIFICATE 



END CERTIFICATE 

</SSO_SERVER> 
<SSO_SERVER INDEX="1"> 
ant . hp . com 
</SSO_SERVER> 
</GET_SSO_SETTINGS> 

MOD_SSO_SETTINGS 

The MOD_SSO_SETTINGS command is used to modify the HP SSO settings for iLO 2. For this command 
to parse correctly, the MOD_SSO_SETTINGS command must appear within a SSOJNFO command 
block, and SSOJNFO MODE must be set to write. The user must have the Configure iLO 2 privilege to 
execute this command. 

Example: 

<RIBCL VERSION="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<SSO_INFO MODE="write"> 
<MOD_SSO_SETTINGS> 

< ! — Specify the desired trust mode Options: DISABLED (default) , 
CERTIFICATE (recommended), NAME, or ALL 



•CTRUST MODE= " CERT I F I CATE " /> 



<!-- Specify the privileges assigned to the user role --> 

<USER_ROLE LOGIN_PRIV="Y" /> 

<USER_ROLE REMOTE_CONS_PRIV="N" /> 

<USER_ROLE RESET_SERVER_PRIV="N" /> 

<USER_ROLE VIRTUAL_MEDIA_PRIV="N" /> 

<USER_ROLE CONFIG_ILO_PRIV="N" /> 

<USER_ROLE ADMIN_PRIV="N" /> 

< ! — Specify the privileges assigned to the operator role --> 

<OPERATOR_ROLE LOGIN_PRIV=" Y" /> 

<OPERATOR_ROLE REMOTE_CONS_PRIV=" Y" /> 

<OPERATOR_ROLE RESET_SERVER_PRIV="Y" /> 

<OPERATOR_ROLE VIRTUAL_MEDIA_PRIV=" Y" /> 

<OPERATOR_ROLE CONFIG_ILO_PRIV="N" /> 

<OPERATOR_ROLE ADMIN_PRIV="N" /> 

<!-- Specify the privileges assigned to the administrator role --> 
ADMINISTRATOR ROLE LOGIN PRIV="Y" /> 
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<ADMINISTRATOR_ROLE REMOTE_CONS_PRIV="Y" /> 
<ADMINISTRATOR_ROLE RESET_SERVER_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE VIRTUAL_MEDIA_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE CONFIG_ILO_PRIV=" Y" /> 
<ADMINISTRATOR_ROLE ADMIN_PRIV=" Y" /> 

</MOD_SSO_SETTINGS> 

</SSO_INFO> 
</LOGIN> 
</RIBCL> 

MOD_SSO_SETTINGS parameters 

TRUSTMODE sets the Single Sign-On trust mode. The current setting is unaltered if this setting is omitted 
from the script. Accepted values: 

• Disabled— Disables HP SIM SSO on this processor. 

• Certificate— Accepts only SSO requests authenticated using a certificate. 

• Name— Trusts SSO requests from the named HP SIM Server. 

• All— Accepts any SSO request from the network. 

Role names are used to associate iLO privileges. The specified privileges are set accordingly for that role, 
and a privilege that is omitted is unaltered. Enable a privilege for the role using the argument "Y" and 
disable the privilege for the role using the argument "N." 

There are three roles for privilege assignment. Omitting a role leaves the current assignment unaltered: 

• USER ROLE— Privileges associated with User 

• OPERATOR_ROLE— Privileges associated with Operator 

• ADMINISTRATOR_ROLE— Privileges associated with Administrator 

For each role, there are multiple privileges that can be manipulated. The privilege is specified within the 
role tag. If a privilege is omitted, the current value is unaltered. Each privilege assignment is Boolean and 
can be set to "Y" (privilege granted) or "N" (privilege denied). For more details on account privileges, 
see the User Administration section of the User Guide. 

LOGIN_PRIV-Allows login for this role. 

REMOTE_CONS_PRIV— Grants access to remote console resources. 
RESET SERVER PRIV— Grants access to power and reset controls. 
VIRTUAL MEDIA PRIV— Grants access to virtual media resources. 
CONFIG_ILO_PRIV— Allows settings modification. 
ADMIN PRIV— Allows local user account modification. 

MOD_SSO_SETTINGS runtime errors 

• Incorrect firmware version. SSO is only support on iLO 2 vl .30 firmware or later. 

• User does not have correct privilege for action. CONFIG_ILO_PRIV required. 

• SSO INFO must be in write mode. 
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SSO_SERVER 

SSO_SERVER command is used to create HP SIM Trusted SSO Server records. For this command to parse 
correctly, it must appear within a SSOJNFO command block, and SSOJNFO MODE must be set to 
write. You must have the Configure iLO 2 privilege to execute this command. This command can be 
combined with MOD_SSO_SETTINGS. 

You can specify multiple SSO server records by using multiple instances of this command. The servers are 
added in the order that the records are specified. Duplicate records may be rejected and generate an 
error. The number of records stored by the lights-out processor depends on the size of the entries because 
certificates do not have a fixed size. Multiple certificates can normally be stored. 

There are three ways to add an HP SIM Trusted Server record using this command: 

• The server can be specified by network name (requires SSO trust level set to trust by name or trust 
all, but is not supported for trust by certificate). Use the fully qualified network name. 

• The server certificate can be imported by iLO 2 (the LOM processor requests the certificate from the 
specified HP SIM server using anonymous HTTP request). The iLO 2 processor must be able to 
contact the HP SIM server on the network at the time this command is processed for this method to 
work. 

• The server certificate can be directly installed on iLO 2. However, you must obtain the x.509 
certificate in advance. This method enables you to configure the iLO 2 in advance of placing it on 
the network with the HP SIM server. It also allows you to verify the contents of the HP SIM server 
certificate. See the HP Integrated Lights-Out 2 User Guide or the HP SIM User Guide for additional 
methods of obtaining the certificate from the HP SIM server. 

Example: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="Administrator" PASSWORD="password"> 
<SSO_INFO MODE="write"> 

< ! — Add an SSO server record using the network name 
(works for TRUST_MODE NAME or ALL) — > 
<SSO_SERVER NAME="hpsiml .hp.net" /> 

< ! — Add an SSO server record using indirect iLO import 
from the network name --> 

<SSO_SERVER IMP0RT_FR0M="hpsim2 .hp.net" /> 

<!-- Add an SSO server certificate record using direct 

import of certificate data --> 

< IMPORTJSERT I F I CATE> 

BEGIN CERTIFICATE 



END CERTIFICATE- 

</IMPORT_CERTIFICATE> 

</SSO_INFO> 

</LOGIN> 

</RIBCL> 



Using RIBCL 149 



SSO_SERVER parameters 

NAME indicates that the server is being specified by network name. It receives a quoted string containing 
the fully qualified network name of the HP SIM Trusted Server. The name is not validated by iLO 2 until an 
SSO login is attempted. For example, the syntax to add an HP SIM Trusted Server name: 

<SSO_SERVER NAME="hpsiml .hp.net" /> 

IMPORTFROM indicates that iLO 2 should request the HP SIM Trusted Server certificate from HP SIM. 
This request is implemented using an anonymous HTTP request similar to: 

http://<sim network address> : 2 8 0 /GetCertif icate 

iLO 2 requests the certificate when this command is processed. If the HP SIM server is unreachable, then 
an error occurs. For example, the syntax to have iLO 2 import a server certificate resembles: 

<SSO_SERVER IMPORT_FROM= " hps im2 .hp.net" /> 

IMPORT_CERTIFICATE indicates that iLO 2 should import the literal .PEM encoded x.509 certificate data 

that follows. The data is encoded in a block of text that includes the BEGIN CERTIFICATE 

and END CERTIFICATE text. For example, the syntax to import an HP SIM Trusted Server 

certificate resembles the following: 

<SSO_SERVER> 

BEGIN CERTIFICATE 

MIIC3TCCAkYCBESzwFUwDQYJKoZIhvcNAQEFBQAwgbUxCzAJBgNVBAYTAlVTMRMwE 

kXzhuVzPfWzQ+a2E9tGAE/YgNGTfS9vKkVLUf 6QoP/RQpYpkl5BxrsN3gM/PeT3zrxyTleE= 

END CERTIFICATE 

</SSO_SERVER> 

The certificate is validated by iLO 2 to assure that it can be decoded before it is stored. An error results if 
the certificate is a duplicate or corrupt. 

iLO 2 does not support certificate revocation and does not honor certificates that appear expired. You 
must remove any revoked or expired certificates. 

SSO_SERVER runtime errors 

A runtime error is generated: 

• If a certificate is a duplicate. 

• If a certificate is corrupt. 

• If the HP SIM server cannot be contacted using IMPORT FROM. 

• If the HP SIM Trusted Server database is full. You must delete other records to make sufficient room 
to add a new entry. 

• If the trust mode is set incorrectly. 

DELETE_SERVER 

The DELETE SERVER command is used to remove an HP SIM Trusted SSO Server record. For this 
command to parse correctly, it must appear within a SSOJNFO command block, and SSOJNFO MODE 
must be set to write. You must have the Configure iLO 2 privilege to execute this command. 

You can specify multiple SSO server records by using multiple instances of this command. The servers are 
deleted in the order that the records are specified, and the records are renumbered by each deletion. 
Delete records in the highest-to-lowest order if you want to delete multiple records at the same time. 

Example: 
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<RIBCL VERSI0N="2 . 0"> 

<LOGIN USER_LOGIN="Administrator" PASSWORD="password"> 

<SSO_INFO MODE="write"> 

<DELETE_SERVER INDEX="6" /> 

</SSO_INFO> 
</LOGIN> 
</RIBCL> 

DELETE_SERVER parameters 

INDEX indicates the record number to delete. This number is consistent with the index returned using a 
GET_SSO_SETTINGS command. The index is 0-based; that is the first record is index 0, the second 
record is index 1 , and so on. 

DELETE_SERVER runtime errors 

A runtime error is generated if the index is invalid. 
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HPQLOMGC command language 



Using HPQLOMGC 

HPQLOMGC reads directory settings for the management processor from an XML file. The script used is a 
subset of the RIBCL and has been extended to support multiple management processor firmware images. 
HPQLOMGC does not operate on iLO 2 devices. 

The following is an example of an XML file: 

<RIBCL VERSI0N="2 . 0"> 

•CLOGIN USER_LOGIN="user" PASSWORD="password"> 

<DIR_INFO MODE="write"> 

<ILO_CONFIG> 

< U P DAT E_R I B_F I RMWARE IMAGE_LOCATION="C : \ f w\ ilol 4 0 . brk" /> 
</ILO_CONFIG> 
<RILOE_CONFIG> 

< U P DAT E_R I B_F I RMWARE IMAGE_LOCATION=" C : \ f w\ riloe . brk" /> 
</RILOE_CONFIG> 
<RIL0E2_C0NFIG> 

< U P D AT E_R I B_F I RMWARE IMAGE_LOCATION=" C : \ f w\ riloeii . brk" /> 
</RIL0E2_C0NFIG> 
<MOD_DIR_CONFIG> 

<DIR_AUTHENTICATION_ENABLED value="YES" /> 

<DIR_LOCAL_USER_ACCT value="YES" /> 

<DIR_SERVER_ADDRESS value=" administration . wins . hp . com" /> 
<DIR_SERVER_PORT value="636" /> 

<DIR_OBJECT_DN value="CN=RIL0P5 , CN=Users , DC=RIL0EGRP2 , DC=HP" /> 
<DIR_OBJECT_PASSWORD value="aurora" /> 

<DIR_USER_C0NTEXT_1 value=" CN=Users , DC=RIL0EGRP2 , DC=HP" /> 
<DIR_USER_C0NTEXT_2 value="" /> 
<DIR_USER_C0NTEXT_3 value="" /> 

<DIR_ROLE value="CN=RILOEROLE, CN=Users, DC=RIL0EGRP2, DC=HP" /> 

<DIR_LOGIN_NAME value="RIL0EGRP2 \Adminl " /> 

<DIR_LOGIN_PASSWORD value="aurora" /> 
</MOD_DIR_CONFIG> 
</DIR_INFO> 
</LOGIN> 
</RIBCL> 

ILO_CONFIG 

RIBCL allows for only one firmware image per XML file. The command language for HPQLOMGC has 
been modified to allow for each management processor to have a specified firmware image within a 
single XML file. These commands must be displayed within a DIRJNFO block, and DIRJNFO must be in 
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write mode. The management processor is reset after the firmware upgrade is complete. To update the 
firmware, the user must be logged in with the appropriate privilege. 

This command line uses the following parameters: 

• UPDATE_RIB_FIRMWARE IMAGE_LOCATION ("UPDATE RIB FIRMWARE parameters" on page 
101) 

• MOD_DIR_CONFIG 
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iLO 2 ports 



Enabling the iLO 2 Shared Network Port feature 



For information on how to use the SHARED_NETWORK_PORT command to enable the iLO 2 Shared 
Network Port through XML scripting, see the "Remote Insight command language ("Using RIBCL" on page 



The following sample script configures the iLO 2 to select the Shared Network Port. You can customize 
this script to your needs. Using this script on platforms that do not support the Shared Network Port will 
cause an error. 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="WRITE"> 

<MOD_NETWORK_SETTINGS> 

<SHARED_NETWORK_PORT VALUE="Y" /> 

</MOD_NETWORK_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 



Re-enabling the dedicated NIC management port 



You can re-enable the iLO 2 dedicated NIC management port using the User Interface, RBSU, CLP, or 
XML. You can re-enable the iLO dedicated NIC management port using the iLO 2 RBSU or XML scripting. 
For information about how to use the SHARED NETWORK PORT command, see the section, "Using 
RIBCL (on page 70)." 

To re-enable the dedicated management port using RBSU: 

1. Connect the dedicated NIC management port to a LAN from which the server is managed. 

2. Reboot the server. 

3. When prompted during POST, press the F8 key to enter iLO RBSU. 

4. Select Network>NIC>TCP/IP, and press the Enter key. 

5. In the Network Configuration menu, press Space Bar to change the Network Interface Adapter Field 
to ON. 

6. Press the F10 key to save the configuration. 

7. Select File>Exit, and press the Enter key. 

After the iLO resets, the dedicated management NIC port is active. 




70)" section. 
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To re-enable the dedicated iLO using XML, use the following sample RIBCL script. The sample script 
configures the iLO to select the iLO Network Port. You can modify the script for your specific needs. Using 
this script on platforms that do not support the Shared Network Port causes an error. 

<RIBCL version="2 .21"> 

<LOGIN USER_LOGIN="adminname" PASSWORD="password"> 

<RIB_INFO MODE="WRITE"> 

<MOD_NETWORK_SETTINGS> 

<SHARED_NETWORK_PORT VALUE="N" /> 

</MOD_NETWORK_SETTINGS> 

</RIB_INFO> 
</LOGIN> 
</RIBCL> 
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iLO 2 parameters 

Status Summary parameters 



Parameter 


Definition 


Server name 


Displays the server name. If the Insight Management Agents are 
being used with the host server operating system, they will 
provide the iLO 2 with the server name. 


UUID 


Identifies the host. Although the UUID is assigned when the 
system is manufactured, you can change this setting using the 
system RBSU during POST. 


Server Serial Number / 
Product ID 


Identifies the serial number of the server. Although the Serial 
Number is assigned when the system is manufactured, you can 
change this setting using the system RBSU during POST. 

The Product ID is used to distinguish between different systems 
with similar serial numbers. Although the Product ID is assigned 
when the system is manufactured, you can change this setting 
using the system RBSU during POST. 


Virtual UUID 


Appears when it is assigned by other software from HP. This 
value does not appear when it is not set. 


Virtual Serial Number 


The Virtual Serial Number is displayed when it is assigned by 
other software from HP. This value is not displayed when it is 
not set. 


System Health 


Represents the server internal health indicator, if supported. It 
summarizes problems with fans, temperature sensors, VRMs, 
and other monitored subsystems in the server. See the System 
Health page for details. 


System ROM 


The family and version of the active system ROM. If the system 
supports a backup system ROM, the backup date is also 
shown. 


Internal Health LED 


Represents the state of the Internal Health LED of the server 
when this page was loaded. 


TPM Status 


Represents the configuration status of Trusted Platform Module 
in the system. 


Server Power 


Displays if the host is powered ON, or in STANDBY (OFF) 
mode. 
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Parameter 


Definition 


UID Light 


Represents the state of the Unit Identification light when this 
page was loaded. You control the UID state using the button 
beside the UID icon in addition to the physical UID buttons on 
the server chassis. 

The UID helps you identify and locate a system and is used to 
indicate that a critical operation is in progress on the host, such 
as Remote console access or firmware update. 

The current state, ON or OFF, is the last state chosen using one 
of these methods. If a new state is chosen while the UID is 
blinking, this new state becomes the current state, and takes 
effect when the UID stops blinking. While the UID is blinking, 
the "current state" of the UID will be shown along with the tag 
(FLASHING). When the UID stops blinking, this tag is removed. 


Last Used Remote 
Console 


Displays the previously launched remote console and 
availability. This allows you to quickly launch your preferred 
remote console. You may use the remote console if it is 
available and you have user privileges. If the console is in use, 
launching the remote console provides access to the acquire 
button. You can choose a different console by following the Last 
Used Remote Console link. 


Latest IML Entry 


The most recent entry in the Integrated Management Log. 


iLO 2 Name 


Displays the name assigned to the Integrated Lights-Out 2 
subsystem. By default, this is iLO prepended to the system serial 
number. This value is used for the network name, so should be 
unique. 


License Type 


Displays whether the system has a feature license installed. 
Some features of iLO 2 cannot be accessed unless optionally 
licensed. 


iLO 2 Firmware Version 


Displays information about the version of iLO 2 firmware 
currently installed. 


Active Sessions 


Displays the users currently logged into iLO 2. 


Latest iLO 2 Event Log 
Entry 


Displays the most recent entry in the iLO 2 event log. 


z uate/ i ime 


uispiays tne aate \N\n\/ uu/ r r r rj as inaicatea Dy tne 
Integrated Lights-Out 2 subsystem internal clock. 

The iLO 2 internal clock is synchronized with the host system at 
POST and when the Insight Agents run. 



User Administration parameters 



Parameter 


Default value 


Definition 


User name 


Administrator 


This parameter is the user's real name as it is 
displayed in the user list and event log. It is 
not the name used to log in. The maximum 
length of the user name is 39 characters. 


Login name 


Administrator 


This is a case-sensitive name that the user must 
provide to log in to iLO 2. 



iLO 2 parameters 157 



Parameter 


Default value 


Definition 


Password 


A random, eight- 
character 

alphanumeric string 
that is factory 
assigned 


This is a case-sensitive password that the user 
must provide to log in to iLO 2. In Security 
Options, the minimum password length can 
be assigned. The minimum password can be 
from 0 to 39 characters. The default minimum 
password length is eight characters. You must 
enter the password twice for verification. 


Administer user 
accounts 


Yes 


This privilege allows a user to add, modify, 
and delete user accounts. It also allows the 
user to alter privileges for all users, including 
granting all permissions to a user. 


Remote console access 


Yes 


This privilege allows a user to remotely 
manage the Remote Console of a managed 
system, including video, keyboard, and 
mouse controls. 


Virtual power and reset 


t es 


This privilege allows a user to power-cycle or 
reset the host platform. 


Virtual media 


Yes 


This privilege allows a user to use virtual 
media on the host platform. 


Configure iLO 2 settings 


Yes 


This privilege enables a user to configure most 
iLO 2 settings, including security settings. It 
does not include user account administration. 

After iLO 2 is correctly configured, revoking 
this privilege from all users prevents 
reconfiguration. A user with the Administer 
User Accounts privilege can enable or disable 
this privilege. iLO 2 can also be reconfigured 
if iLO 2 RBSU is enabled. 



Global Settings parameters 



Settings (parameters) found on the Access Options page of the iLO 2 user interface. 



Parameter 


Default value 


Descriptions 


Idle Connection 
Timeout (minutes) 


30 minutes 


This setting specifies the interval of user inactivity, in minutes, 
before the web server and Remote Console session 
automatically terminate. The following settings are valid: 15, 
30, 60, 1 20 minutes, or 0 (infinite). The infinite timeout value 
does not log out inactive users. 
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Parameter 


Default value 


Descriptions 


Lights-Out 
Functionality 


Enabled 


This setting enables connection to iLO 2. If disabled, all 
connections to iLO 2 are prevented. 

The iLO 2 1 0/ 1 00 network and communications with 
operating system drivers are turned off if Lights-Out 
functionality is disabled. The iLO 2 Diagnostic Port for an HP 
ProLiant BL p Class server is also disabled. 

If iLO 2 functionality is disabled (including the iLO 2 
Diagnostic Port), you must use the server's Security Override 
Switch to enable iLO 2. See your server documentation to 
locate the Security Override Switch and set it to override. 
Power up the server and use the iLO 2 RBSU to set Lights-Out 
Functionality to Enabled. 


iLO 2 ROM-Based 
Setup Utility 


Enabled 


This setting enables or disables the iLO 2 ROM-Based Setup 
Utility. Normally, the iL02 Option ROM prompts you to press 
F8 to enter RBSU, but if iLO 2 is disabled or iLO 2 RBSU is 
disabled, the RBSU prompt is bypassed. 


Require Login for iLO 
2 RBSU 


Disabled 


This setting enables RBSU access with or without a user- 
credentials challenge. If this setting is Enabled, and you press 
ro auring r^oi to enter a i\dou, a login aiaiog dox 
appears. 


Show iLO 2 during 
POST 


Disabled 


This setting enables the display of the iLO 2 network IP 
address during the host server POST process. 


Serial Command Line 
Interface Status 


Enabled- 

Authentication 

Required 


This setting enables you to change the login model of the CLI 
feature through the serial port. The following settings are 
valid: 

• Enabled— Authentication Required 

• Enabled— No Authentication 

• Disabled 


Serial Command Line 
Interface Speed 


9600 


This setting enables you to use the serial port to change the 
speed of the serial port for the CLI feature. The following 
speeds (in bits/s) are valid: 9600, 19200, 38400, 57600, 
and 1 1 5200. The serial port configuration must be set to No 
parity, 8 data bits, and 1 stop bit (N/8/1) for proper 
operation. The serial port speed that is set by this parameter 
must match the speed of the serial port set in the System 
i\>^/v\ ixDou serup. 


Minimum Password 
Length 


8 


This setting specifies the minimum number of characters 
allowed when a user password is set or changed. The 
character length can be set at a value from 0 to 39. 


Server Name 




This setting enables you to specify the host server name. This 
value is assigned when using HP ProLiant Management 
Agents. If you do not use the agents and the host unnamed 
message appears, you can change it here. If the agents are 
running, the value you assign can be overwritten. 

To force the browser to refresh, save this setting, and press 
F5. 
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Parameter 


Default value 


Descriptions 


Authentication Failure 
Logging 


Enabled-Every 
3rd Failure 


This setting allows you to configure logging criteria for failed 
authentications. All login types are supported and every 
login type works independently. The following are valid 
settings: 

• Enabled-Every Failure— A failed login log entry is 
recorded after every failed login attempt. 

• Enabled-Every 2nd Failure— A failed login log entry is 
recorded after every second failed login attempt. 

• Enabled-Every 3rd Failure— A failed login log entry is 
recorded after every third failed login attempt. 

• Enabled-Every 5th Failure— A failed login log entry is 
recorded after every fifth failed login attempt. 

• Disabled— No failed login log entry is recorded. 



Settings (parameters) found on the Services page of the iLO 2 user interface. 



Parameter 


Default value 


Description 


Secure Shell 
Access 


(SSH) 


Enabled 


This setting enables you to specify whether the SSH feature 
on the iLO 2 is enabled or disabled. 


Secure shell 
Port 


(SSH) 


22 


This setting enables you to configure the iLO 2 SSH port to 
be used for SSH communications. 


Telnet Access 


Disabled 


This setting enables you to connect a telnet client to the 
Remote Console/Telnet port, providing access to the iLO 2 
CLP. The following settings are valid: 








• Enabled— iLO 2 enables telnet clients to connect to the 
Remote Console/Telnet port. Network port scanners can 
detect that iLO 2 is listening on this port. Unencrypted 
communication is allowed between the iLO 2 CLP and 
telnet clients. 








• Disabled— iLO 2 does not allow telnet clients to connect 
to the Remote Console/Telnet port. Network port 
scanners will not normally detect if this port is open on 
iLO 2. iLO 2 listens on this port for a few seconds when 
the Remote Console is opened, but telnet connections are 
not accepted. 

Communication between the iLO 2 and Remote Console is 
always encrypted. 


Remote 

Console/Telnet Port 


23 


This setting enables you to specify which port the iLO 2 
Remote Console uses for remote console communications. 


Web Server 
Port 


Non-SSL 


80 


This setting enables you to specify which port the embedded 
web server in iLO 2 uses for unencrypted communications. 


Web Server 


SSL Port 


443 


This setting enables you to specify which port the embedded 
web server in iLO 2 uses for encrypted communications. 
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Parameter 


Default value 


Description 


Terminal Services 
Passth rough 


Disabled 


This setting enables you to control the ability to support a 
connection through iLO 2 between a Microsoft® Terminal 
Services client and Terminal Services server running on the 
host. The following settings are valid: 

• Automatic— When remote console is started, the Terminal 
Services client is launched. 

• Enabled — The pass-through feature is enabled and can 
connect the Terminal Services client directly to the iLO 2 
without logging-into the iLO 2. 

• Disabled— The pass-through feature is off. 


Terminal Services Port 


3389 


This setting enables you to specify the Terminal Services Port 
that the iLO 2 uses for encrypted communications with 
Terminal Services Pass-through software on the server. If the 
Terminal Services port is configured to anything other than 
the default, you must manually change the port number. 


Virtual Media Port 


17988 


This setting enables you to specify the port for virtual media 
support in iLO 2 communications. 


Shared Remote 
Console Port 


9300 


This setting enables you to specify the Shared Remote 
Console Port. The Shared Remote Console Port is opened on 
the client to allow additional users to connect to remote 
console in a peer-to-peer fashion. This port is only open when 
Shared Remote Console is in use. 


Console Replay Port 


17990 


This setting enables you to specify the Console Replay Port. 
The Console Replay Port is opened on the client to enable the 
transfer of internal capture buffers to the client for replay. 
This port is only open when a capture buffer is being 
transferred to the client. 


Raw Serial Data Port 


3002 


This setting specifies the Raw Serial Data port address. The 
Raw Serial Data port is only open while the WiLODbg.exe 
utility is being used to debug the host server remotely. 


Settings (parameters) found on the Encryption page of the iLO 2 user interface. 


Parameter 


Default value 


Description 


Current cipher 




Displays the current cipher for this web browser session. 
Upon logging into the iLO 2 using the web browser, the 
browser and the iLO 2 negotiate the cipher setting to be used 
for the session. This web page displays the negotiated 
cipher. 


Enforce AES/3DES 
Encryption 




This setting allows you to enable or disable AES/3DES 
encryption. 

• If disabled, AES/3DES encryption is not used. 

• If enabled, cipher strength must be at least AES or 3DES 
to connect to iLO 2. 
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Network parameters 



Parameter 


Default value 


Definition 


NIC 


Yes 


This parameter enables the NIC to reflect the state of the iLO 2. The 
default setting for the NIC is Yes, which is enabled. If DHCP is 
disabled, you must assign a static IP address to the iLO 2. Assign the 
IP address using the iLO 2 IP address parameter. 


DHCP 


Yes 


Enables you to select static IP (disabled) or Enables the use of a 
DHCP server to obtain an IP address for the iLO 2 subsystem. 

You cannot set the iLO 2 IP address and subnet mask if DHCP is 
enabled. 

Enabling DHCP allows you to configure the following DHCP options: 

• Use DHCP Supplied Gateway 

• Use DHCP Supplied DNS Servers 

• Use DHCP Supplied WINS Servers 

• use utiLr ouppnea orotic Koutes 

• Use DHCP Supplied Domain Name 


IP address 


N/A (DHCP) 


Use this parameter to assign a static IP address to the iLO 2 on your 
network. By default, the IP address is assigned by DHCP. 


Subnet mask 


N/A (DHCP) 


Use the subnet mask parameter to assign the subnet mask for the 
default gateway. By default, the subnet mask is assigned by DHCP. 


Gateway IP 
address 


N/A (DHCP) 


Use the gateway parameter to assign the IP address of the network 
router that connects the iLO 2 subnet to another subnet where the 
management console resides. By default, the gateway is assigned 
by DHCP. 


iLO 2 subsystem 
name 


iLO 

2XXXXXXXXXXX 
X, where the 
1 2 Xs are the 
server serial 
number 

(assigned at the 
factory) 


The iLO 2 comes preset with a DNS/WINS name. The DNS/WINS 

II - 1 O II 1 i 1 - 1 1 Til Tl ■ 1 

name is iLQ I plus the serial number ot the server. 1 his name also 
is displayed on the tag attached to the bracket of iLO 2. You can 
change this value. 


Domain name 


N/A (DHCP) 


Enter the name of the domain in which iLO 2 participates. By 
default, the domain name is assigned by DHCP. 


Link 


Automatic 


Configures the duplex of the network transceiver. 
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Network DHCP/DNS parameters 



Parameter 


Default value 


Definition 


DHCP 


Enabled 


Enables you to select static IP (disabled) or enables the use of a 
DHCP server to obtain an IP address for iLO 2 subsystem. 

You cannot set the iLO 2 IP address and subnet mask if DHCP is 
enabled. 

Enabling DHCP allows you to configure the following DHCP options: 

• Use DHCP Supplied Gateway 

• Use DHCP Supplied DNS Servers 

• Use DHCP Supplied WINS Servers 

• use LTiLr ouppnea oraric ixoures 

• Use DHCP Supplied Domain Name 


IP Address 


N/A (DHCP) 


Use this parameter to assign a static IP address to iLO 2 on your 
network. By default, the IP address is assigned by DHCP. 


Domain Name 


N/A (DHCP) 


Enter the name of the domain in which iLO 2 will participate. By 
default, the domain name is assigned by DHCP. 


Use DHCP 
supplied gateway 


Enabled 


Toggles whether the iLO 2 will use the DHCP server-supplied 
gateway. If not, enter one in the Gateway IP Address box. 


Use DHCP 
supplied DNS 
servers 


Enabled 


Toggles whether iLO 2 will use the DHCP server-supplied DNS 
server list. If not, enter one in the Primary/Secondary/Tertiary DNS 
Server boxes. 


Use DHCP 
supplied WINS 
servers 


Enabled 


Toggles whether iLO 2 will use the DHCP server-supplied WINS 
server list. If not, enter one in the Primary/Secondary WINS Server 
boxes. 


Use DHCP 
supplied static 
routes 


Enabled 


Toggles whether iLO 2 will use the DHCP server-supplied static 
route. If not, enter one in the Static Route #1, #2, #3 boxes. 


Use DHCP 
supplied domain 
name 


Enabled 


Toggles whether iLO 2 will use the DHCP server-supplied domain 
name. If not, enter one in the Domain Name box. 


WINS Server 
Registration 


Enabled 


The iLO 2 automatically registers with a WINS server. By default, 
WINS server addresses are assigned by DHCP. 


DDNS Server 
Registration 


Enabled 


The iLO 2 automatically registers with a DNS server. By default, 
DNS server addresses are assigned by DHCP. 


Ping gateway on 
startup 


Disabled 


This option causes iLO 2 to send four ICMP echo request packets to 
the gateway when iLO 2 initializes. This option ensures that the ARP 
cache entry for iLO 2 is current on the router responsible for routing 
packets to and from iLO 2. 


Domain name 


N/A (DHCP) 


Enter the name of the domain in which iLO 2 participates. By 
default, the domain name is assigned by DHCP. 


DHCP server 


N/A (DHCP) 


This setting is automatically detected if DHCP is set to Yes. You 
cannot change this setting. 


Primary, 
secondary, and 
tertiary DNS server 


N/A (DHCP) 


Use this parameter to assign a unique DNS server IP address on the 
network. By default, the primary, secondary, and tertiary DNS 
servers are assigned by DHCP. 
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Primary and 
secondary WINS 
server 


N/A (DHCP) 


Use this parameter to assign a unique WINS server IP address on 
the network. By default, the primary and secondary WINS servers 
are assigned by DHCP. 


Static routes #1 , 

#2, #3 


N/A for both 
the destination 
and gateway 
address (DHCP) 


Use this parameter to assign a unique static route destination and 
gateway IP address pair on the network. Up to three static route 
pairs can be assigned. By default, the static routes are assigned by 
DHCP. 


Blade server 
parameters 






Diagnostic port 

configuration 

parameters 






Transceiver speed 
autoselect 


Yes 


Toggles the ability of the Transceiver to auto-detect the speed and 
duplex of the network on the Diagnostic Port. Speed and Duplex are 
disabled if Autoselect is set to Yes. 


Speed 


N/A (autoselect) 


Configures the speed of the Diagnostic Port. This speed must match 
the speed of the Diagnostic Port network. If the Autoselect option is 
set to Yes, the speed will be automatically configured by iLO 2. 


Duplex 


N/A (autoselect) 


Configures the duplex of the Diagnostic Port. The duplex should 
match the duplex of the Diagnostic Port network. If the Autoselect 
option is set to Yes, the duplex will be automatically configured by 


IP address 


192.168.1.1 


The Diagnostic Port IP address. If DHCP is being used, the 
Diagnostic Port IP address is automatically supplied. If not, enter a 

olUMC IT UUUIcob Mclc. 


Subnet mask 


255.255.255.0 


The subnet mask for the Diagnostic Port IP network. If DHCP is being 
used, the Subnet Mask is automatically supplied. If not, enter the 
subnet mask for the network. 



SNMP/lnsight Manager settings parameters 



Parameter 


Default Value 


Definition 


SNMP alert 
destination(s) 


No 


Enter the IP address of the remote management PC that 
will receive SNMP trap alerts from the iLO 2. Up to 
three IP addresses can be designated to receive SNMP 
alerts. 


Enable iLO 2 
SNMP alerts 


No 


The iLO 2 alert conditions are detected by the iLO 2 
and are independent of the host server operating 
system. These alerts can be Insight Manager SNMP 
traps. These alerts include major events, such as remote 
server power outages or server resets. They also 
include the iLO 2 events, such as security disabled or 
failed login attempt. The iLO 2 forwards the alerts to an 
HP SIMconsole using the destinations provided. 
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Parameter 


Default Value 


Definition 


Forward Insight 
Manager Agent 
SNMP alerts 


No 


When set to Yes, these alerts are generated by the 
Insight Management agents, which are provided for 
each supported network operating system. The agents 
must be installed on the host server to receive these 
alerts. These alerts are sent to HP SIM clients on the 
network and are forwarded asynchronously by the iLO 
2 to the IP addresses that have been configured to 
receive them. 


Enable SNMP 
pass-thru 


Yes 


The Enable SNMP pass-through option enables the 
system to pass SNMP packets from the Insight 
Management Agent. When set to No, all SNMP traffic 
is stopped and will not pass-through the iLO 2. 


Insight Manager 
Web Agent URL 




The Insight Manager Web Agent URL option enables 
you to enter the IP address or the DNS name of the host 
server on which the Insight Manager Web Agents are 
running. Entering this data in the field provided enables 
iLO 2 to create a link from the iLO 2 Web pages to the 
pages of the Web Agent. 


Level of data 
returned 


Medium 


The Level of Data Returned option regulates how much 
data is returned to an anonymous request for the iLO 2 
information from HP SIM. All settings, except the None 
Data Level, provide sufficient data to allow integration 
with HP SIM. The Medium and High settings enable HP 
SIM and Systems Insight Manager to associate the 
management processor with the host server. The None 
Data Level prevents the iLO 2 from responding to the 
HP SIM requests. 



rectory settings parameters 



Parameter 


Default value 


Definition 


Disable directory 
authentication 


No 


This parameter enables or disables directory 
authentication. If directory support is properly 
configured, this enables user login to iLO 2 using 
directory credentials. 


Schema-free 
directory 


Yes 


This parameter enables or disables the use of 
schema-free directories. 


Use HP extended 
schema 


No 


This parameter enables or disables the use of 
extended schema directories. 


Enable local user 
accounts 


Yes 


This option enables a user to log in using a local 
user account instead of a directory account. By 
default, this setting is Enabled. 


Directory server 
address 


0.0.0.0 


This parameter specifies the Directory Server DNS 
name or IP address. HP recommends using a DNS 
name or multi-host DNS name. If an IP address is 
used, the directory will not be available if that 
server is down. 
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Directory server 
LDAP port 


636 


This option sets the port number used to connect to 
the directory server. The SSL-secured LDAP port 
number is 636. 


LOM object 
distinguished name 




This option specifies the unique name for the iLO 2 
in the directory. LOM Object Distinguished Names 
are limited to 256 characters. 


LOM object 
password 




This parameter specifies the password for the iLO 
2 object to access the directory. LOM Object 
Passwords are limited to 39 characters. 

NOTE: At this time, the LOM Object 
Password field is not used. This field is 
to provide forward compatibility with 
future firmware releases. 


LOM object 
password confirm 




Prevents mistyped passwords. If you change the 
LOM Object Password, also enter the new 
password in this field. 


Directory user 
context 1 , directory 
user context 2, ... 
up to directory user 
context 1 5 




This parameter enables you to specify up to 1 5 
searchable contexts used to locate the user when 
the user is trying to authenticate using the 
directory. Directory User Contexts are limited to 
1 28 characters each. Directory User Contexts 
enable you to specify directory user containers that 
are automatically searched when an iLO 2 login is 
attempted. This eliminates the requirement of 
entering a fully distinguished user name at the 
login screen. For example, the search context, 
"ou=lights out devices,o=corp" would allow the 
user "cn=manager,ou=lights out devices,o=corp" 
to login to iLO 2 using just "manager." Active 
Directory allows an additional search context 
format, "©hostname" for example, 
"©directory. corp." 



-Class parameters 



Parameter 


Default value 


Definition 


Rack name 


Provided by 
rack 


The rack name is used to logically group together the 
components that compose a single rack. When 
changed, the rack name is communicated to all other 
components connected in a rack. The name is used 
when logging and alerting to assist in identifying the 
component. 


Enclosure name 


Provided by 
rack 


The enclosure name is used to logically group together 
the server blades that compose a single enclosure. 
When changed, the enclosure name is communicated to 
all other server blades connected in the same enclosure. 
The name is used when logging and alerting to assist in 
identifying the component. 
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Parameter 


Default value 


Definition 


Bay name 




The bay name is used when logging and alerting to 
assist in identifying a component or its function. 


Bay 


Provided by 
rack 


The ProLiant BL p-Class enclosure can support one to 
eight server blades. The bays are numbered from left to 
right starting with 1 and finishing with 8. The bay 
number is used to assist in physically identifying the 
faulty server blade or other error conditions. This 
information is for viewing only. 


Rack serial 
number 


Provided by 
rack 


The rack serial number identifies the components in the 
rack as a logical grouping. The serial number is 
determined during power-up of the various components 
to create a unique rack serial number. Switching 
components (server blade enclosure or power supplies) 
alters the rack serial number. 


Enclosure serial 
number 


Provided by 
rack 


The enclosure serial number identifies the particular 
server blade enclosure in which a server blade resides. 


Blade serial 
number 


Provided by 
blade server 


The blade serial number identifies the serial number for 
the server blade product. 


Power source 


Rack provides 
power 


The server blade enclosure can be installed in a rack by 
using one of two configurations: 

• The server blade power supplies can be used to 
convert normal AC facility power to 48 V DC to 
power the rack. In this configuration, select the 
power source as Rack Provides Power. This setting 
enables each server blade, enclosure, and power 
supply to communicate power requirements to 
ensure proper power consumption without risking 
power failures. 

• If the facility can provide 48 V DC power directly, 
without the need for the provided power supplies, 
then select Facility Provides 48V. Each server blade 
will not be required to communicate with the 
infrastructure for power when powering on or off. 

NOTE: It is essential that proper power 
sizing requirements be performed to ensure 
sufficient power for all the server blades and 
other components of the rack. 


Enable 
automatic 
power on 


On 


Each server blade can be configured to automatically 
power on when inserted into the enclosure. Depending 
on the Power Source setting, the server blade 
communicates with the rack to determine if enough 
power is available to power on. If the power is 
available, then the server blade automatically powers on 
and begins the normal server booting process. 
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Parameter 


Default value 


Definition 


Enable rack 
alert logging 
(IML) 


On 


As the server blade receives alerts, these events can be 
logged to the IML. You can view these events by using 
the iLO 2 System Status— IML tab. Additional IML 
viewing tools are available to allow viewing from the 
installed operating system on the server blade. 



Advanced Pack License Key 

The iLO 2 Advanced Pack License Key option is used to enable the iLO 2 Advanced Features including 
Graphical Remote Console, virtual media (floppy and CD-ROM), and directory support . Enter the 25- 
character key in this field to enable the features. 
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HP contact information 

For the name of the nearest HP authorized reseller: 

• See the Contact HP worldwide (in English) webpage 
( http:/ / welcome.hp.com/ country/ us/ en/ wwcontact.html ). 

For HP technical support: 

• In the United States, for contact options see the Contact HP United States webpage 
( http:/ / welcome.hp.com/ country/ us/ en/ contact us.html ). To contact HP by phone: 

o Call 1-800-HP-INVENT (1-800-474-6836). This service is available 24 hours a day, 7 days a 
week. For continuous quality improvement, calls may be recorded or monitored. 

o If you have purchased a Care Pack (service upgrade), call 1-800-633-3600. For more 
information about Care Packs, refer to the HP website ( http://www.hp.com/hps ). 

• In other locations, see the Contact HP worldwide (in English) webpage 
( http:/ / welcome.hp.com/ country/ us/ en/ wwcontact.html ). 

Before you contact HP 

Be sure to have the following information available before you call HP: 

• Technical support registration number (if applicable) 

• Product serial number 

• Product model name and number 

• Product identification number 

• Applicable error messages 

• Add-on boards or hardware 

• Third-party hardware or software 

• Operating system type and revision level 
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Acronyms and abbreviations 



ASCII 

American Standard Code for Information Interchange 

ASM 

Advanced Server Management 

ASR 

Automatic Server Recovery 

BMC 

baseboard management controller 
CA 

certificate authority 

CGI 

Common Gateway Interface 
CLI 

Command Line Interface 

CLP 

command line protocol 

CR 

Certificate Request 

DAV 

Distributed Authoring and Versioning 
DDNS 

Dynamic Domain Name System 
DHCP 

Dynamic Host Configuration Protocol 
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DLL 

dynamic link library 

DNS 

domain name system 
DSA 

Digital Signature Algorithm 

EMS 

Emergency Management Services 
EULA 

end user license agreement 
FEH 

fatal exception handler 

FSMO 

Flexible Single-Master Operation 

GUI 

graphical user interface 
HB 

heartbeat 

HPONCFG 

HP Lights-Out Online Configuration utility 

HPQLOMGC 

HP Lights-Out Migration Command Line 

ICMP 

Internet Control Message Protocol 
IIS 

Internet Information Services 
iLO 

Integrated Lights-Out 
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IML 

Integrated Management Log 
IP 

Internet Protocol 

IPMI 

Intelligent Platform Management Interface 

ISIP 

Enclosure Bay Static IP 

JVM 

Java Virtual Machine 

KCS 

Keyboard Controller Style 
LAN 

local-area network 
LDAP 

Lightweight Directory Access Protocol 
LED 

light-emitting diode 

LOM 

Lights-Out Management 
LSB 

least significant bit 

MAC 

Media Access Control 

MLA 

Master License Agreement 

MMC 

Microsoft® Management Console 
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MP 

Multilink Point-to-Point Protocol 



MTU 

maximum transmission unit 

NIC 

network interface controller 

NMI 

non-maskable interrupt 

NVRAM 

non-volatile memory 

PERL 

Practical Extraction and Report Language 
PKCS 

Public-Key Cryptography Standards 
POST 

Power-On Self Test 

PSP 

ProLiant Support Pack 
RAS 

remote access service 
RBSU 

ROM-Based Setup Utility 
RDP 

Remote Desktop Protocol 
RIB 

Remote Insight Board 
RIBCL 

Remote Insight Board Command Language 
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RILOE 

Remote Insight Lights-Out Edition 
RILOE II 

Remote Insight Lights-Out Edition II 
RSA 

Rivest, Shamir, and Adelman public encryption key 

RSM 

Remote Server Management 

SLES 

SUSE Linux Enterprise Server 

SMASH 

System Management Architecture for Server Hardware 

SMS 

System Management Server 
SNMP 

Simple Network Management Protocol 

SSH 

Secure Shell 
SSL 

Secure Sockets Layer 

TCP 

Transmission Control Protocol 
UART 

universal asynchronous receiver-transmitter 

UID 

unit identification 
USB 

universal serial bus 
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VM 

Virtual Machine 

VPN 

virtual private networking 

WINS 

Windows® Internet Naming Service 

ws 

web services 
XML 

extensible markup language 
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